From a391178c218f08b0c5e7580b5a4b79513ebffcc2 Mon Sep 17 00:00:00 2001 From: Salvatore Orlando Date: Wed, 17 Jun 2015 04:36:02 -0700 Subject: [PATCH] Add policy files specific to NSX plugins This patch simply adds a 'policy' directory with a few json files into ./etc/neutron/plugins/vmware to provide default policies specific to the VMware NSX plugin family. These policy files can be loaded leveraging the policy_dirs configuration option. Change-Id: Icce41a6ee63715bc145694f27a2166a7fa884dba --- .../plugins/vmware/policy/network-gateways.json | 10 ++++++++++ etc/neutron/plugins/vmware/policy/routers.json | 7 +++++++ 2 files changed, 17 insertions(+) create mode 100644 etc/neutron/plugins/vmware/policy/network-gateways.json create mode 100644 etc/neutron/plugins/vmware/policy/routers.json diff --git a/etc/neutron/plugins/vmware/policy/network-gateways.json b/etc/neutron/plugins/vmware/policy/network-gateways.json new file mode 100644 index 00000000000..48575070898 --- /dev/null +++ b/etc/neutron/plugins/vmware/policy/network-gateways.json @@ -0,0 +1,10 @@ +{ + "create_network_gateway": "rule:admin_or_owner", + "update_network_gateway": "rule:admin_or_owner", + "delete_network_gateway": "rule:admin_or_owner", + "connect_network": "rule:admin_or_owner", + "disconnect_network": "rule:admin_or_owner", + "create_gateway_device": "rule:admin_or_owner", + "update_gateway_device": "rule:admin_or_owner", + "delete_gateway_device": "rule_admin_or_owner" +} diff --git a/etc/neutron/plugins/vmware/policy/routers.json b/etc/neutron/plugins/vmware/policy/routers.json new file mode 100644 index 00000000000..48665dba836 --- /dev/null +++ b/etc/neutron/plugins/vmware/policy/routers.json @@ -0,0 +1,7 @@ +{ + "create_router:external_gateway_info:enable_snat": "rule:admin_or_owner", + "create_router:distributed": "rule:admin_or_owner", + "get_router:distributed": "rule:admin_or_owner", + "update_router:external_gateway_info:enable_snat": "rule:admin_or_owner", + "update_router:distributed": "rule:admin_or_owner" +}