Merge "Modify "policy.conf" to "policy.json""
This commit is contained in:
commit
2983c4ecb0
@ -34,7 +34,7 @@ There are several problems for current API policy.
|
||||
the APIs.
|
||||
|
||||
* More easy way to override default policy settings for deployer. And
|
||||
Currently all the API(EC2, V2, V2.1) rules mix in one policy.conf file.
|
||||
Currently all the API(EC2, V2, V2.1) rules mix in one policy.json file.
|
||||
|
||||
These are the kinds of things we need to make easier:
|
||||
|
||||
@ -47,7 +47,7 @@ redundant check in the compute API can confuse developers and deployers.
|
||||
3. Operator can specify different rules for APIs that in same extension.
|
||||
|
||||
4. Operator can override the default policy rule easily without mixing his own
|
||||
config and default config in one policy.conf file.
|
||||
config and default config in one policy.json file.
|
||||
|
||||
Future of policy enforcement
|
||||
----------------------------
|
||||
@ -134,7 +134,7 @@ After group the policy rules for different API, we can separate them into
|
||||
different files. Then deployer will more clear for which rule he can set for
|
||||
specific API. The rules can be grouped as below:
|
||||
|
||||
* policy.conf: It only contains the generic rule, like:
|
||||
* policy.json: It only contains the generic rule, like:
|
||||
|
||||
::
|
||||
"context_is_admin": "role:admin",
|
||||
|
Loading…
x
Reference in New Issue
Block a user