cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rohit Yadav <>
Subject Re: [DISCUSS] Users being unable to tag resources they create
Date Mon, 08 Apr 2019 09:07:37 GMT
Hi Anurag,

This is what I understand:

- An owner should be able to tag the resources they own

- In case of a project, the owner is a special project account (type 5) which owns resources
held by itself however a project user can either be 'Admin' or 'Regular' user. I think an
`Admin` user of the project should be allowed to tag resources of the project irrespective
of the general account role in cloudstack, subject to availability of the APIs (determined
by their general account role).


Rohit Yadav

Software Architect, ShapeBlue

From: Anurag Awasthi <>
Sent: Monday, April 8, 2019 10:38:22 AM
Subject: [DISCUSS] Users being unable to tag resources they create

Hi all,

I saw an open issue which in summary says
that users cannot tag "Projects" they created themselves. Tagging is allowed for Root Admin
and Domain Admins but not by "user". I read the code and it seems an intended implementation
of "create tags" API.

This seems an inconsistency since we allow users to create Projects. I saw a thread on users@
list which was also similar but for "firewall" resource.

My questions were as follows -

  1.  Is this by design and documented somewhere?
  2.  Shouldn't users who are allowed to create a resource also be allowed to tag the resources
they create besides root/domain admins?

You can test this as described in the issue above.

Amadeus House, Floral Street, London  WC2E 9DPUK

Amadeus House, Floral Street, London  WC2E 9DPUK

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message