openstack
/
keystone
Code Issues Proposed changes

Add link to describe Principle of Least Privilege 

Add a link to the vision reflection to clarify the meaning of the
Principle of Least Privilege, which is a significant theme in our vision
document.

Change-Id: Iad751761fcc143f4549a19c4c3d262bbee0419c4
This commit is contained in:
Colleen Murphy 2019-06-18 12:05:09 -07:00
parent 6f6f78c211
commit 0f7a1c47c8
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
doc/source/contributor/vision-reflection.rst
View File

@ -108,7 +108,7 @@ Customizable Integration
In service of supporting customizable integration both between OpenStack
services and from client applications, keystone has an ongoing mission to
fulfill the Principle of Least Privilege and permit the cloud consumer to
fulfill the `Principle of Least Privilege`_ and permit the cloud consumer to
delegate only the minimum permissions needed to an application. Keystone works
to provide this both through reforming OpenStack policy to make it easier to
manage across services, and by providing new mechanisms such as application
@ -129,5 +129,7 @@ Secure by Design
Keystone strives to be secure by design, by making opinionated choices about the
default security configuration. Making it easier to administer fine-grained
access control in support of the Principle of Least Privilege is an ongoing
access control in support of the `Principle of Least Privilege`_ is an ongoing
effort.
.. _Principle of Least Privilege: https://en.wikipedia.org/wiki/Principle_of_least_privilege