fafabad042
Oslo.policy is moving away from using json format policy files[1]. This patch updates the Octavia documentation, policy configuration file, and legacy admin-or-owner policy file to be in yaml format. Octavia will continue to honor and support the json format file as long as oslo.policy does, but this patch will encourage new deployments to use the yaml format. [1] https://docs.openstack.org/oslo.policy/latest/admin/policy-json-file.html Change-Id: I925cc05981e677c0552b18f845fdbc512d2af22c |
||
|---|---|---|
| .. | ||
| README.rst | ||
| admin_or_owner-policy.yaml | ||
| octavia-policy-generator.conf | ||
README.rst
Octavia Sample Policy Files
The sample policy.yaml files described here can be copied into /etc/octavia/policy.yaml to override the default RBAC policy for Octavia.
admin_or_owner-policy.yaml
This policy file disables the requirement for load-balancer service users to have one of the load-balancer:* roles. It provides a similar policy to legacy OpenStack policies where any user or admin has access to load-balancer resources that they own. Users with the admin role has access to all load-balancer resources, whether they own them or not.