0ce46fe8d0
This patch adds policies and enforcement to the Octavia v2 API for load balancers and listeners. Child patches will add the rest of the API. In this patch I also correct some improper functional tests. Change-Id: Id8a2d15c117c54bd45fc8bb76bf71aff1b3c8fe9 Closes-Bug: #1690481
15 lines
629 B
ReStructuredText
15 lines
629 B
ReStructuredText
===========================
|
|
Octavia Sample Policy Files
|
|
===========================
|
|
|
|
The sample policy.json files described here can be copied into
|
|
/etc/octavia/policy.json to override the default RBAC policy for Octavia.
|
|
|
|
admin_or_owner-policy.json
|
|
--------------------------
|
|
This policy file disables the requirement for load-balancer service users to
|
|
have one of the load-balancer:* roles. It provides a similar policy to
|
|
legacy OpenStack policies where any user or admin has access to load-balancer
|
|
resources that they own. Users with the admin role has access to all
|
|
load-balancer resources, whether they own them or not.
|