User that has been assigned admin role within their project gets treated as de-fact admin in Glance even when project scoped "Secure RBAC" feature is enabled. Secure RBAC personas were introduced in Wallaby cycle creating project scope. If user is granted admin rights within the project scope based on the Secure RBAC roles model the user gets treated as admin in Glance. stack@ubnt-devstack:~/devstack$ openstack project create --enable privilege-test /usr/lib/python3/dist-packages/secretstorage/dhcrypto.py:15: CryptographyDeprecationWarning: int_from_bytes is deprecated, use int.from_bytes instead from cryptography.utils import int_from_bytes /usr/lib/python3/dist-packages/secretstorage/util.py:19: CryptographyDeprecationWarning: int_from_bytes is deprecated, use int.from_bytes instead from cryptography.utils import int_from_bytes +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | | | domain_id | default | | enabled | True | | id | ed7b2d168e444122b9700701834e8d97 | | is_domain | False | | name | privilege-test | | options | {} | | parent_id | default | | tags | [] | +-------------+----------------------------------+ NOTE THE PROJECT ID. stack@ubnt-devstack:~/devstack$ openstack user create --project privilege-test --password --email