When a user attempts to delete a Cinder volume it is stuck in the deleting state and fails with the error Failed to delete volume with name or ID '############################': Policy doesn't allow volume_extension:volume_admin_actions:force_delete to be performed.""

VIO 7.x

This issue occurs when a user without admin privileges tries to delete a volume.

We see the below errors in the logs

cinder-api.log:

2025-01-08 08:57:28.829 11 ERROR cinder.policy [req-####################################################################] Policy check for volume_extension:volume_admin_actions:force_delete failed with credentials {'is_admin': False, 'user_id': '###################################', 'user_domain_id': '####################', 'system_scope': None, 'domain_id': None, 'project_id': '############################', 'project_domain_id': '##########################', 'roles': ['load-balancer_member', 'reader', 'member'], 'is_admin_project': False, 'service_user_id': None, 'service_user_domain_id': None, 'service_project_id': None, 'service_project_domain_id': None, 'service_roles': []}: cinder.exception.PolicyNotAuthorized: Policy doesn't allow volume_extension:volume_admin_actions:force_delete to be performed.\x1b[00m

The user needs to be assigned either a project member, project admin or system admin role that has privileges to delete a volume

https://docs.openstack.org/cinder/2024.2/configuration/block-storage/policy-personas.html