Support to specify user_id for key-pair for VM deploy

Registered by Divya K Konoor

Currently, the key-pairs generated using nova apis are associated with a specific user. At the time of key-pair creation, the nova api provides an option to pass a user_id in the request body . If the user_id is present in the request body, the generated key-pair is associated with the specified user_id;otherwise, the user_id is extracted from the nova context . Support for passing user_id in the request body enables an administrator (for eg. someone with an 'admin' role) to generate a key-pair on behalf on another user in the project.

However, nova api currently does not support the option of an admin user to deploy a VM with a key-pair that belongs to another user in the same project. This basically means that the admin user can create a key-pair for another user by passing in the other user's user_id as an input in the create key-pair nova API call but cannot deploy a VM on behalf of that user.

As part, of this blueprint, we propose changes such that an admin user can pass in 'user_id' as input via request body for a deploy VM flow. If the user_id is present in the request body, this user_id will be considered as the first priority while retrieving information on the key-pairs; otherwise, the user_id value is obtained from the nova context object. This change will enable an admin user to be able to deploy VMs using key-pairs that are associated with another user in the same project.

Blueprint information

Status:
Not started
Approver:
None
Priority:
Undefined
Drafter:
Divya K Konoor
Direction:
Needs approval
Assignee:
Praveen Kapoor
Definition:
New
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

Gerrit topic: https://review.openstack.org/#q,topic:bp/input-user-id-keypair,n,z

Addressed by: https://review.openstack.org/382588
    Allow admin users to pass key_name corresponding to another user and deploy a VM successfully

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.

Subscribers

No subscribers.