c981cfd658
The ``device_id`` field on ports is used by other OpenStack projects to save what resource is using a port and for these OpenStack projects to support the Secure RBAC community goal they need to be able to update this field. This is required for OpenStack projects such as Nova that tracks instance UUID in device_id on a port and Octavia that also uses the device_id field. This allows the ``service`` role to update the device_id field and doesn't touch any existing policies that already exist for the field. Related-Bug: #2105502 Closes-Bug: #2107039 Change-Id: I227416a7420412a39e450352915eff5967172c64
7 lines
204 B
YAML
7 lines
204 B
YAML
---
|
|
features:
|
|
- |
|
|
Added ``service`` role to the ``create_port:device_id`` and
|
|
``update_port:device_id`` policies to allow service users
|
|
for other OpenStack projects to complete Secure RBAC.
|