9a16e9114f
Add new system scope specific RBAC rules for the transport key API. The new rules tighten the policy to only allow system admins to add or delete transport keys. Change-Id: Icbe81724fb8b4f28fc4b5d24afe2618e759fcbad
11 lines
367 B
YAML
11 lines
367 B
YAML
---
|
|
features:
|
|
- |
|
|
Implement secure-rbac for transportkeys resource.
|
|
security:
|
|
- |
|
|
The current policy allows users with the admin role to add or delete
|
|
transport keys. This interface was only ever intended to be used by
|
|
system admins, and so it has been restricted using the new policy
|
|
to the system admin only (admins with system_scope:all).
|