Arif Ali
1e56ae1ff6
* Add the other hosts * Update keystone policy override to mimic default plus addition * nova policy extra line
13 lines
755 B
YAML
13 lines
755 B
YAML
# default rules
|
|
# https://docs.openstack.org/nova/ussuri/configuration/policy.html
|
|
|
|
context_is_tenantLead: role:tenantLead
|
|
|
|
os_compute_api:os-admin-actions:reset_state: rule:context_is_tenantLead or rule:system_admin_api
|
|
os_compute_api:os-aggregates:index: rule:context_is_tenantLead or rule:system_reader_api
|
|
os_compute_api:os-aggregates:show: rule:context_is_tenantLead or rule:system_reader_api
|
|
os_compute_api:os-availability-zone:detail: rule:context_is_tenantLead or rule:system_reader_api
|
|
os_compute_api:os-extended-server-attributes: rule:context_is_tenantLead or rule:system_admin_api
|
|
os_compute_api:os-hosts: rule:context_is_tenantLead or rule:admin_api
|
|
os_compute_api:os-hypervisors:servers: rule:context_is_tenantLead or rule:system_reader_api
|