Add reference for RBAC policy change

kgube · fkr · commit 6bcff46f24ef · 2025-03-25T08:00:25.000+01:00
Signed-off-by: Konrad Gube &lt;konrad.gube@cloudandheat.com&gt;
diff --git a/Standards/scs-xxxx-v1-provider-network-standard.md b/Standards/scs-xxxx-v1-provider-network-standard.md
@@ -218,6 +218,7 @@ CSPs **MUST** externally route any public IP addresses allocated from subnets of
 CSPs **MUST** provide dynamic routing for all project-allocated public IP-prefixes via the standard provider network.
 
 By default, users **SHOULD** be prohibited by policy from creating Networking RBAC rules, to prevent the creation of faux provider networks.
+The necessary policy change to implement this restriction for the Neutron API can be found in the Networking RBAC documentation [^rbac].
 
 ## Conformance Tests
 
@@ -231,3 +232,4 @@ By default, users **SHOULD** be prohibited by policy from creating Networking RB
 [^pf]: <https://docs.openstack.org/api-ref/network/v2/index.html#floating-ips-port-forwarding>
 [^ds]: <https://docs.openstack.org/neutron/2024.1/admin/config-ipv6.html>
 [^aa]: <https://docs.openstack.org/neutron/2024.1/admin/config-auto-allocation.html>
+[^rbac]: <https://docs.openstack.org/neutron/2024.1/admin/config-rbac.html#preventing-regular-users-from-sharing-objects-with-each-other>
