Restricting instance deletion to the creator.

[correajl]

ISSUE TYPE

• Enhancement Request

CLOUDSTACK VERSION

All

SUMMARY

It will be important if we can restrict deletion of an instance to the creator only.

For example, in a Project with some users. If user A creates an instance, only user A can delete it. This will avoid one user to delete instances from another by mistake.

The main scope of this feature is "Project", where more than one user can delete instances. "Project Admin" should always delete any instance to keep the administration role. But, there should be a role (maybe normal user) under this restriction.

The changes can be made in destroyVirtualMachine() API. API can identify in what Project the instance is, so check if only.owner.delete is true and limit the API actions.

STEPS TO REPRODUCE

Inside a Project, if a user creates an instance, another user can delete it.

EXPECTED RESULTS

Some control as a user can't delete instances that he/she didn't create, or ask for approval from the owner. 

ACTUAL RESULTS

Instances are deleted. 

[weizhouapache]

@correajl
as @NuxRo @rajujith replied in the mailing list, it is not possible for now.

The owner of project resources is the project account, not specific user accounts.

[DaanHoogland]

I don't agree with this functionality, projects are meant for sharing resources. The domain/account hierarchy is meant for this kind of security functionality.