OpenStack Identity (Keystone)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 

311 lines
4.3 KiB

.. -*- rst -*-
==========
Policies
==========
.. warning::
The ``policies`` API is deprecated. Keystone is not a policy management
service. Do not use this.
A policy is an arbitrarily serialized policy engine rule set to be
consumed by a remote service.
You encode policy rule sets into a blob that remote services can
consume. To do so, set ``type`` to ``application/json`` and specify
policy rules as JSON strings in a ``blob``. For example:
::
{
"blob":{
"foobar_user":[
"role:compute-user"
]
}
}
Create policy
=============
.. rest_method:: POST /v3/policies
Creates a policy.
Relationship: ``https://docs.openstack.org/api/openstack-identity/3/rel/policies``
Request
-------
Parameters
~~~~~~~~~~
.. rest_parameters:: parameters.yaml
- policy: policy
- type: policy_type
- blob: policy_blob_str
Example
~~~~~~~
.. literalinclude:: ./samples/admin/policy-create-request.json
:language: javascript
Response
--------
Parameters
~~~~~~~~~~
.. rest_parameters:: parameters.yaml
- links: policy_links
- blob: policy_blob_str
- policy: policy
- type: policy_type
- id: policy_id
Status Codes
~~~~~~~~~~~~
.. rest_status_code:: success status.yaml
- 201
.. rest_status_code:: error status.yaml
- 400
- 401
- 403
- 404
- 405
- 409
- 413
- 415
- 503
List policies
=============
.. rest_method:: GET /v3/policies
Lists policies.
Relationship: ``https://docs.openstack.org/api/openstack-identity/3/rel/policies``
Request
-------
Parameters
~~~~~~~~~~
.. rest_parameters:: parameters.yaml
- type: policy_type_query
Response
--------
Parameters
~~~~~~~~~~
.. rest_parameters:: parameters.yaml
- links: policy_links
- blob: policy_blob_obj
- policies: policies
- type: policy_type
- id: policy_id
Status Codes
~~~~~~~~~~~~
.. rest_status_code:: success status.yaml
- 200
.. rest_status_code:: error status.yaml
- 400
- 401
- 403
- 404
- 405
- 413
- 503
Example
~~~~~~~
.. literalinclude:: ./samples/admin/policies-list-response.json
:language: javascript
Show policy details
===================
.. rest_method:: GET /v3/policies/{policy_id}
Shows details for a policy.
Relationship: ``https://docs.openstack.org/api/openstack-identity/3/rel/policy``
Request
-------
Parameters
~~~~~~~~~~
.. rest_parameters:: parameters.yaml
- policy_id: policy_id_path
Response
--------
Parameters
~~~~~~~~~~
.. rest_parameters:: parameters.yaml
- links: policy_links
- blob: policy_blob_obj
- policy: policy
- type: policy_type
- id: policy_id
Status Codes
~~~~~~~~~~~~
.. rest_status_code:: success status.yaml
- 200
.. rest_status_code:: error status.yaml
- 400
- 401
- 403
- 404
- 405
- 413
- 503
Example
~~~~~~~
.. literalinclude:: ./samples/admin/policy-show-response.json
:language: javascript
Update policy
=============
.. rest_method:: PATCH /v3/policies/{policy_id}
Updates a policy.
Relationship: ``https://docs.openstack.org/api/openstack-identity/3/rel/policy``
Request
-------
Parameters
~~~~~~~~~~
.. rest_parameters:: parameters.yaml
- policy_id: policy_id_path
- policy: policy
- type: policy_type
- blob: policy_blob_obj
Example
~~~~~~~
.. literalinclude:: ./samples/admin/policy-update-request.json
:language: javascript
Response
--------
Parameters
~~~~~~~~~~
.. rest_parameters:: parameters.yaml
- links: policy_links
- blob: policy_blob_obj
- policy: policy
- type: policy_type
- id: policy_id
Status Codes
~~~~~~~~~~~~
.. rest_status_code:: success status.yaml
- 200
.. rest_status_code:: error status.yaml
- 400
- 401
- 403
- 404
- 405
- 409
- 413
- 415
- 503
Example
~~~~~~~
.. literalinclude:: ./samples/admin/policy-update-response.json
:language: javascript
Delete policy
=============
.. rest_method:: DELETE /v3/policies/{policy_id}
Deletes a policy.
Relationship: ``https://docs.openstack.org/api/openstack-identity/3/rel/policy``
Request
-------
Parameters
~~~~~~~~~~
.. rest_parameters:: parameters.yaml
- policy_id: policy_id_path
Response
--------
Status Codes
~~~~~~~~~~~~
.. rest_status_code:: success status.yaml
- 204
.. rest_status_code:: error status.yaml
- 400
- 401
- 403
- 404
- 405
- 409
- 413
- 415
- 503