osdir.com


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

答复: [lists.openstack.org代发][question][placement][rest api][403]


> > On 8/15/2019 1:09 AM, å´?æ??é¦? wrote:

> > This is my problem with placement rest api.(Token and endpoint were

> > OK)

> >

> >          {"errors": [{"status": 403,

> >                           "title": "Forbidden",

> > "detail": "Access was denied to this resource.\n\n Policy does not

> > allow placement:resource_providers:list to be performed.  ",

> >                           "request_id":

> > "req-5b409f22-7741-4948-be6f-ea28c2896a3f"

> >                          }]}



> On 8/16/2019 3:24 PM, Matt Riedemann wrote:

> This doesn't give much information. Does the token have the admin role in it? Has the placement:resource_providers:list

> policy rule been changed from the default (rule:admin_api)?



As Matt said, you should  check you policy limit for your request user, itâ??s default role is â??rule:admin_apiâ?? [1]. If your authenticated user is not admin, then the 403 error is normal.



[1] https://github.com/openstack/placement/blob/master/placement/handlers/resource_provider.py#L178

      https://github.com/openstack/placement/blob/master/placement/policies/resource_provider.py#L51









å??件人: å´?æ??é¦? [mailto:chx769467092 at 163.com]
å??é??æ?¶é?´: 2019å¹´8æ??15æ?¥ 13:21
�件人: openstack-discuss at lists.openstack.org
主é¢?: [lists.openstack.org代å??][question][placement][rest api][403]



This is my problem with placement rest api.(Token and endpoint were OK)



        {"errors": [{"status": 403,

                         "title": "Forbidden",

                         "detail": "Access was denied to this resource.\n\n Policy does not allow placement:resource_providers:list to be performed.  ",

                         "request_id": "req-5b409f22-7741-4948-be6f-ea28c2896a3f"

                        }]}



Regards,

Cuihx





-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20190819/da36de0d/attachment-0001.html>