HTTP 403 Forbidden: You are not authorized to complete publicize_image action [Openstack Glance]

Updated on September 5, 2023

I hope you have read my Openstack API articles to provide access to Openstack services through REST APIs. When my client tried to access a glance image for his VM creation, they ended up with an error: Not authorized for image a62daa1b-2fba-47ad-8008-538cd88f306c. The complete error from the glance api.log is as follows:

2022-01-05 09:49:51.322 21697 DEBUG glance.api.v2.images [req-dda8fa7d-128c-4020-b1bc-034427d0c0fd 6afdeddd359941e59a14ecc801059b76 5419eecd22c04417a29a22ce7956ee49 - default default] User not permitted to retrieve images index index /usr/lib/python2.7/site-packages/glance/api/v2/images.py:228

Received the same error when I tried to do the same from the Horizon dashboard and no images were listed.

Error: Forbidden. Insufficient permissions of the requested operation Error: Unable to retrieve the images.

Also when trying to create a public image, I got the below error.

clean_up CreateImage: HTTP 403 Forbidden: You are not authorized to complete publicize_image action.

Seems like both the errors are linked to each other with the same cause.

Solution:

The file /etc/glance/policy.json defines additional access controls that apply to the glance image service. For some reason, either this file has a permission issue, or is unavailable or the policies in the file are restricting to access the images. In my case, I had moved the file and the policy.json file was empty! I reverted back to the original default contents file and restarted the glance service as below.

# systemctl restart openstack-glance-api

Now it works fine, users are able to use the public image, and the listing of the image is also working on the Horizon dashboard.

Was this article helpful?

Related Articles

Leave a Comment