Red Hat SummitDieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.
Chapter 14. Configure RBAC
Role-based Access Control (RBAC) policies in OpenStack Networking allows granular control over shared neutron networks. Previously, networks were shared either with all tenants, or not at all. OpenStack Networking now uses a RBAC table to control sharing of neutron networks between tenants, allowing an administrator to control which tenants are granted permission to attach instances to a network.
As a result, cloud administrators can remove the ability for some tenants to create networks, and can instead allow them to attach to pre-existing networks that correspond to their project.
14.1. Create a new RBAC policy
This example procedure demonstrates how to use a RBAC policy to grant a tenant access to a shared network.
View the list of available networks:
Copy to Clipboard Copied! Toggle word wrap Toggle overflow View the list of tenants:
Copy to Clipboard Copied! Toggle word wrap Toggle overflow Create a RBAC for the
web-serversnetwork that grants access to the engineering tenant (c717f263785d4679b16a122516247deb):Copy to Clipboard Copied! Toggle word wrap Toggle overflow
As a result, users in the Engineering tenant are able to connect instances to the web-servers network.
14.2. Review your configured RBAC policies
Use the
rbac-listoption to retrieve the ID of your existing RBAC policies:Copy to Clipboard Copied! Toggle word wrap Toggle overflow Use
rbac-showto view the details of the specific RBAC entry:Copy to Clipboard Copied! Toggle word wrap Toggle overflow
14.3. Delete a RBAC policy
Use the
rbac-listoption to retrieve the ID of your existing RBACs:Copy to Clipboard Copied! Toggle word wrap Toggle overflow Use
rbac-deleteto delete the RBAC, based on it’s ID value:neutron rbac-delete 425cdd5c-c080-4045-a896-31d446551de7
# neutron rbac-delete 425cdd5c-c080-4045-a896-31d446551de7 Deleted rbac_policy: 425cdd5c-c080-4045-a896-31d446551de7Copy to Clipboard Copied! Toggle word wrap Toggle overflow
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}