openstack-ansible

History

Ian Cordasco 8bebbc6e53 Harden our copy of Glance's policy Most of Glance's current checks are implemented in the API controllers but in Kilo, Glance added the ability to actually define meaningful policy rules around images and image members. In an effort to harden our default config as best as we can, we should check to see if the user trying to perform some of these actions are either an admin or the owner of the image. Change-Id: I2dcf4d828c9be88143174de30a6b59d655ab0539 Closes-bug: 1408363	2015-05-06 13:08:20 +00:00
..
policy.json	Harden our copy of Glance's policy	2015-05-06 13:08:20 +00:00
schema.json	Convert existing roles into galaxy roles	2015-02-18 10:56:25 +00:00

Ian Cordasco 8bebbc6e53 Harden our copy of Glance's policy

Most of Glance's current checks are implemented in the API controllers
but in Kilo, Glance added the ability to actually define meaningful
policy rules around images and image members. In an effort to harden
our default config as best as we can, we should check to see if the
user trying to perform some of these actions are either an admin or the
owner of the image.

Change-Id: I2dcf4d828c9be88143174de30a6b59d655ab0539
Closes-bug: 1408363

2015-05-06 13:08:20 +00:00

policy.json

Harden our copy of Glance's policy

2015-05-06 13:08:20 +00:00

schema.json

Convert existing roles into galaxy roles

2015-02-18 10:56:25 +00:00