You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Sangeetha Hariharan (JIRA)" <ji...@apache.org> on 2014/05/06 01:06:14 UTC
[jira] [Created] (CLOUDSTACK-6581) IAM - Shared Network -Root Admin
user is allowed to deploy VM in a shared network that is scoped for a
specific domain/account.
Sangeetha Hariharan created CLOUDSTACK-6581:
-----------------------------------------------
Summary: IAM - Shared Network -Root Admin user is allowed to deploy VM in a shared network that is scoped for a specific domain/account.
Key: CLOUDSTACK-6581
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-6581
Project: CloudStack
Issue Type: Bug
Security Level: Public (Anyone can view this level - this is the default.)
Components: IAM
Affects Versions: 4.4.0
Environment: Build from 4.4
Reporter: Sangeetha Hariharan
Priority: Critical
Fix For: 4.4.0
IAM - Shared Network -Root Admin user is allowed to deploy VM in a shared network that is scoped for a specific domain/account.
Steps to reproduce the problem:
Create a admin account for "ROOT" domain.
Create a domain d1 with account a1.
Create a shared network for domain d1 with sub domain access set to true.
Create a shared network for domain d1 with sub domain access set to false.
Create a shared network for account a1 d1 with sub domain access set to false.
As ROOT admin , try to deploy a VM in the above created shared networks.
Vm deployment succeeds.
Expected Result:
ROOT admin should not be allowed to deploy VMs in shared networks that are scoped for a specific domain/account.
--
This message was sent by Atlassian JIRA
(v6.2#6252)