335c00ac18
This patch adds policies and enforcement to the Octavia v2 API for quotas. Change-Id: I5f2fa38973fce595ea3ec03cdff924336e0e71c8 Partial-Bug: #1690481 |
||
|---|---|---|
| .. | ||
| README.rst | ||
| admin_or_owner-policy.json | ||
| octavia-policy-generator.conf | ||
README.rst
Octavia Sample Policy Files
The sample policy.json files described here can be copied into /etc/octavia/policy.json to override the default RBAC policy for Octavia.
admin_or_owner-policy.json
This policy file disables the requirement for load-balancer service users to have one of the load-balancer:* roles. It provides a similar policy to legacy OpenStack policies where any user or admin has access to load-balancer resources that they own. Users with the admin role has access to all load-balancer resources, whether they own them or not.