...
Then remove the RBAC rule , that allows all project to access "test-ext"with the corresponding object_id . object_id
is the network ID. There should only be one RBAC rule with the object_id of the network we are working with here.
Code Block |
---|
$ neutron rbac-list +--------------------------------------+-------------+--------------------------------------+ | id | object_type | object_id | +--------------------------------------+-------------+--------------------------------------+ | c1d8506f-a9a2-4f93-9921-0a8969dac3d8 | network | 50a80b8c-d06c-4b53-97f2-6c0b9f9a405c | | e8abdcf5-1bdd-4087-82bf-26dc08bf0fa1 | network | dfc8c97d-8cf1-4b4a-9d42-f2cd184b4540 | +--------------------------------------+-------------+--------------------------------------+ $ neutron rbac-delete <object_id><id> |
Create a new RBAC rule for "test-ext", that states access for given projects only. You need one RBAC rule per project:
...