Difference between revisions of "Meetings/KeystoneMeeting"
< Meetings
(→Main Agenda) |
(→Agenda for next meeting) |
||
Line 17: | Line 17: | ||
* DocImpact <code>stevemar</code> | * DocImpact <code>stevemar</code> | ||
** using DocImpact will now create a bug against the keystone project | ** using DocImpact will now create a bug against the keystone project | ||
+ | * ISO27001 Compliance <code>ayoung</code> | ||
+ | ** Is SQL Backend compliance a requirement? | ||
* Policy and RBAC <code>ayoung</code> | * Policy and RBAC <code>ayoung</code> | ||
** Now that we have is_admin_project how do we deploy without breaking existing policy | ** Now that we have is_admin_project how do we deploy without breaking existing policy |
Revision as of 16:33, 2 February 2016
Contents
Weekly Keystone team meeting
If you're interested in identity, authentication, authorization, and/or policy for OpenStack, we hold public meetings weekly on IRC in #openstack-meeting
, on Tuesdays at 18:00 UTC. Please feel free to add items to the agenda below with your name and we'll cover them.
Regular attendees
Add yourself to this list to be pinged prior to each meeting:
ajayaa, amakarov, ayoung, breton, browne, davechen, david8hu, dolphm, dstanek, ericksonsantos, geoffarnold, gyee, henrynash, hogepodge, htruta, jamielennox, joesavak, lbragstad, lhcheng, marekd, morganfainberg, nkinder, raildo, rodrigods, roxanaghe, samueldmq, shaleh, stevemar, tsymanczyk, topol, vivekd, wanghong, claudiub, rderose, samleon, xek, MaxPC, tjcocozz
Agenda for next meeting
Main Agenda
Please add agenda items to the bottom of this section's list (be sure to include your irc_handle
!).
2016-02-02
- DocImpact
stevemar
- using DocImpact will now create a bug against the keystone project
- ISO27001 Compliance
ayoung
- Is SQL Backend compliance a requirement?
- Policy and RBAC
ayoung
- Now that we have is_admin_project how do we deploy without breaking existing policy
- Can we do the equivalent of deprecations for the current policy.json file
- Can existing policy files should be limited to scope checks
- Can we layer new RBAC policy on top of existing policy without breaking?
- please approve Implied Roles. Any more nits should be filed as bugs. https://review.openstack.org/#/c/242614/
- Expanding rules in the token can be disabled
- Do we want to autogenerate a policy.json fragment?
- Inference rules still required to break a large role down to smaller for least privilege.
Review of Keystone Blueprints for No-Spec Requires Status
Please add BPs to the bottom of this sections list that should be reviewed as not requiring a spec (include your irc_handle
!).
- Return request Id to caller
bknudson
Keystone Weekly Bug Reports
Bugs for the various Keystone repositories are collects and published to the following links. (lbragstad
)
Previous meetings
Logs and meeting summaries of previous meetings are located here.