In our OpenStack we have some intranet external networks as well as public ones. At the moment if I allow access from the project to both networks, users can assign as many floating IP addresses as they are allowed by Quota. What we want to achive for example is to have no restriction on intranet but only allow one public IP per project. From what I've read you should be able to do it using keystone policy? Does anyone have any usefull examples how we can do it, or some usefully resources where to start, so far I coudn't find anything useful enough as a starting point.
Asked
Active
Viewed 39 times
