heat engine : Allow instance users to view their own details
So that cfn-hup can read instance metadata via the DescribeStackResource
API call, we need non-admin "instance users" to be allowed to read their
own AccessKey resource details (since it can-be/is referenced in the
instance resource metadata). The change in this patch should allow non-admin
users to read *only their own* secret AccessKey, and leave existing admin-user
visibility of the AccessKey resources unchanged.
Change-Id: Ic26d614d8e30104fbb354a67d3376b5d995ae8cc Signed-off-by: Steven Hardy <shardy@redhat.com>
Code Review / openstack-build / heat-build.git / commit