diff options
author | Vincent Cojot <vcojot@redhat.com> | 2017-04-19 01:29:53 +0530 |
---|---|---|
committer | Vincent Cojot <vcojot@redhat.com> | 2017-04-19 01:29:53 +0530 |
commit | c1fccc6537b6dc1a07ee38fbcf6a76a147e095b8 (patch) | |
tree | facc344f5750518928198fd517b875e8f8ed34f3 /README.md | |
parent | fcfa4a6d8b1640a905c4977cdfabfce718dfb8ac (diff) | |
download | openstack-access-policy-c1fccc6537b6dc1a07ee38fbcf6a76a147e095b8.tar.gz openstack-access-policy-c1fccc6537b6dc1a07ee38fbcf6a76a147e095b8.tar.xz openstack-access-policy-c1fccc6537b6dc1a07ee38fbcf6a76a147e095b8.zip |
Update README.md
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 18 |
1 files changed, 17 insertions, 1 deletions
@@ -12,4 +12,20 @@ This project includes several areas: both the undercloud and overcloud. An ASCII version of the MOP is provided in this repository. -This work on the 'readonly' was a request of the VZW HQ Planning group.
\ No newline at end of file +This work on the 'readonly' was a request of the VZW HQ Planning group. + +Here is how it works: + +On the undercloud, as the 'stack' user perform the following steps: + +1) source stackrc +2) git clone https://gitlab.cee.redhat.com/vcojot/OSP-Readonly-Policies/tree/master +3) ./policydir/files/push_readonly_policies_to_overcloud.sh + +(this will auto-detect the controllers and push the appropriate policies) + +To restrict a user, then simply do add the 'readonly' role to the user, do a: +openstack role add --project <tenant_name> --user <user_name> readonly + +To lift the restrictions and re-enable modifications to the overcloud, do a: +openstack role remove --project <tenant_name> --user <user_name> readonly |