a0bc52c81a
Add new system scope specific RBAC rules for the quota API. Change-Id: I4fd1676e8ead673b91bad1cc9749147ac5d62d7f
12 lines
416 B
YAML
12 lines
416 B
YAML
---
|
|
features:
|
|
- |
|
|
Implement secure-rbac for quotas resource.
|
|
security:
|
|
- |
|
|
The current policy only allows users with the key-manager:service-admin
|
|
role to list, get, add, update or delete project quotas. The new
|
|
policy allows system readers to list quotas and get quotas for specific
|
|
projects and system admins (role:admin and system_scope:all) to add,
|
|
update and delete project quotas.
|