Back To Schedule
Tuesday, October 4 • 12:00pm - 12:25pm
RBAC for Quantum

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Currently Quantum has a very basic authorization model: all the users belonging to a tenant have the same right, and only users with "administrative" roles are allowed to plug interfaces. This is rather limiting and should be improved in several ways: 1) Having a full RBAC model, thus allowing tenants to specify distinct roles for their users. E.g.: "standard users" vs. "network administrators" 2) Allowing Quantum to communicate with the "interface service" (nova), in order to fetch information concerning VIF ownership 3) Allowing Quantum to manage private (ie: per tenant) networks alongisde public/community networks (ie: networks where each tenant or specific groups of tenants can plug their interfaces) This proposed session is somehow related to: http://summit.openstack.org/sessions/view/47 (Dashboard, Nova, Keystone and RBAC, Openstack core track)

Tuesday October 4, 2011 12:00pm - 12:25pm EDT

Attendees (0)