The identity service consumed default roles and additional scopes during the Stein release. This session is meant to describe the work, what it means for users, how operators can benefit from it, and how other services can leverage it to improve security and consistency across OpenStack.
We will briefly introduce the topic, concept of scopes, and default roles. Next, we'll go through how developers can make various compute APIs more self-serviceable to all users. Additionally, we'll look at ways to implement better hard tenancy. Finally, we'll look at refactoring that allows for a single layer of policy enforcement in the compute API as opposed to existing implementations sprinkled across various components of the stack. We're using the compute API as an example, but these cases are applicable to services across OpenStack and not just the compute API.
Operators, users, and developers are welcome to attend. The majority of the content will focus on operators and users, but focus can shift to discussing how other services can adapt and learn from the patterns the identity team implemented during Stein. Outcomes from this session will shape developer-focused sessions at the PTG later in the week.