0faf224610
Add new project scope specific RBAC rules for the containers API. The old rules still apply, but eventually will be deprecated. The new rules do include some changes to default policy, which are documented in the release note. Change-Id: I992e32832fee258ffb7b6397710f42759f28083d
14 lines
481 B
YAML
14 lines
481 B
YAML
---
|
|
features:
|
|
- |
|
|
Implement secure-rbac for containers resource.
|
|
security:
|
|
- |
|
|
The new secure-rbac policy allows secrets to be added and removed from
|
|
containers by members. This is a change from the previous policy which
|
|
only allowed admins to add and remove secrets.
|
|
- |
|
|
The new secure-rbac policy allows for container deletion by members.
|
|
This is a change from the previous policy that only allowed deletion
|
|
by the creator or the project admin.
|