Support to specify user_id for key-pair for VM deploy
Currently, the key-pairs generated using nova apis are associated with a specific user. At the time of key-pair creation, the nova api provides an option to pass a user_id in the request body . If the user_id is present in the request body, the generated key-pair is associated with the specified user_id;otherwise, the user_id is extracted from the nova context . Support for passing user_id in the request body enables an administrator (for eg. someone with an 'admin' role) to generate a key-pair on behalf on another user in the project.
However, nova api currently does not support the option of an admin user to deploy a VM with a key-pair that belongs to another user in the same project. This basically means that the admin user can create a key-pair for another user by passing in the other user's user_id as an input in the create key-pair nova API call but cannot deploy a VM on behalf of that user.
As part, of this blueprint, we propose changes such that an admin user can pass in 'user_id' as input via request body for a deploy VM flow. If the user_id is present in the request body, this user_id will be considered as the first priority while retrieving information on the key-pairs; otherwise, the user_id value is obtained from the nova context object. This change will enable an admin user to be able to deploy VMs using key-pairs that are associated with another user in the same project.
Blueprint information
- Status:
- Not started
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- Divya K Konoor
- Direction:
- Needs approval
- Assignee:
- Praveen Kapoor
- Definition:
- New
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
Related branches
Related bugs
Sprints
Whiteboard
Gerrit topic: https:/
Addressed by: https:/
Allow admin users to pass key_name corresponding to another user and deploy a VM successfully