openstack
/
openstack-manuals
Code Issues Proposed changes
openstack-manuals/doc/common/samples/restrict_roles2.json

346 lines
7.6 KiB
JSON
Raw Blame History

{
"admin_or_owner": [
[
"role:admin"
],
[
"project_id:%(project_id)s"
]
],
"default": [
[
"rule:admin_or_owner"
]
],
"compute:create": [
"role:compute-user"
],
"compute:create:attach_network": [
"role:compute-user"
],
"compute:create:attach_volume": [
"role:compute-user"
],
"compute:get_all": [
"role:compute-user"
],
"compute:unlock_override": [
"rule:admin_api"
],
"admin_api": [
[
"role:admin"
]
],
"compute_extension:accounts": [
[
"rule:admin_api"
]
],
"compute_extension:admin_actions": [
[
"rule:admin_api"
]
],
"compute_extension:admin_actions:pause": [
[
"rule:admin_or_owner"
]
],
"compute_extension:admin_actions:unpause": [
[
"rule:admin_or_owner"
]
],
"compute_extension:admin_actions:suspend": [
[
"rule:admin_or_owner"
]
],
"compute_extension:admin_actions:resume": [
[
"rule:admin_or_owner"
]
],
"compute_extension:admin_actions:lock": [
[
"rule:admin_or_owner"
]
],
"compute_extension:admin_actions:unlock": [
[
"rule:admin_or_owner"
]
],
"compute_extension:admin_actions:resetNetwork": [
[
"rule:admin_api"
]
],
"compute_extension:admin_actions:injectNetworkInfo": [
[
"rule:admin_api"
]
],
"compute_extension:admin_actions:createBackup": [
[
"rule:admin_or_owner"
]
],
"compute_extension:admin_actions:migrateLive": [
[
"rule:admin_api"
]
],
"compute_extension:admin_actions:migrate": [
[
"rule:admin_api"
]
],
"compute_extension:aggregates": [
[
"rule:admin_api"
]
],
"compute_extension:certificates": [
"role:compute-user"
],
"compute_extension:cloudpipe": [
[
"rule:admin_api"
]
],
"compute_extension:console_output": [
"role:compute-user"
],
"compute_extension:consoles": [
"role:compute-user"
],
"compute_extension:createserverext": [
"role:compute-user"
],
"compute_extension:deferred_delete": [
"role:compute-user"
],
"compute_extension:disk_config": [
"role:compute-user"
],
"compute_extension:evacuate": [
[
"rule:admin_api"
]
],
"compute_extension:extended_server_attributes": [
[
"rule:admin_api"
]
],
"compute_extension:extended_status": [
"role:compute-user"
],
"compute_extension:flavorextradata": [
"role:compute-user"
],
"compute_extension:flavorextraspecs": [
"role:compute-user"
],
"compute_extension:flavormanage": [
[
"rule:admin_api"
]
],
"compute_extension:floating_ip_dns": [
"role:compute-user"
],
"compute_extension:floating_ip_pools": [
"role:compute-user"
],
"compute_extension:floating_ips": [
"role:compute-user"
],
"compute_extension:hosts": [
[
"rule:admin_api"
]
],
"compute_extension:keypairs": [
"role:compute-user"
],
"compute_extension:multinic": [
"role:compute-user"
],
"compute_extension:networks": [
[
"rule:admin_api"
]
],
"compute_extension:quotas": [
"role:compute-user"
],
"compute_extension:rescue": [
"role:compute-user"
],
"compute_extension:security_groups": [
"role:compute-user"
],
"compute_extension:server_action_list": [
[
"rule:admin_api"
]
],
"compute_extension:server_diagnostics": [
[
"rule:admin_api"
]
],
"compute_extension:simple_tenant_usage:show": [
[
"rule:admin_or_owner"
]
],
"compute_extension:simple_tenant_usage:list": [
[
"rule:admin_api"
]
],
"compute_extension:users": [
[
"rule:admin_api"
]
],
"compute_extension:virtual_interfaces": [
"role:compute-user"
],
"compute_extension:virtual_storage_arrays": [
"role:compute-user"
],
"compute_extension:volumes": [
"role:compute-user"
],
"compute_extension:volume_attachments:index": [
"role:compute-user"
],
"compute_extension:volume_attachments:show": [
"role:compute-user"
],
"compute_extension:volume_attachments:create": [
"role:compute-user"
],
"compute_extension:volume_attachments:delete": [
"role:compute-user"
],
"compute_extension:volumetypes": [
"role:compute-user"
],
"volume:create": [
"role:compute-user"
],
"volume:get_all": [
"role:compute-user"
],
"volume:get_volume_metadata": [
"role:compute-user"
],
"volume:get_snapshot": [
"role:compute-user"
],
"volume:get_all_snapshots": [
"role:compute-user"
],
"network:get_all_networks": [
"role:compute-user"
],
"network:get_network": [
"role:compute-user"
],
"network:delete_network": [
"role:compute-user"
],
"network:disassociate_network": [
"role:compute-user"
],
"network:get_vifs_by_instance": [
"role:compute-user"
],
"network:allocate_for_instance": [
"role:compute-user"
],
"network:deallocate_for_instance": [
"role:compute-user"
],
"network:validate_networks": [
"role:compute-user"
],
"network:get_instance_uuids_by_ip_filter": [
"role:compute-user"
],
"network:get_floating_ip": [
"role:compute-user"
],
"network:get_floating_ip_pools": [
"role:compute-user"
],
"network:get_floating_ip_by_address": [
"role:compute-user"
],
"network:get_floating_ips_by_project": [
"role:compute-user"
],
"network:get_floating_ips_by_fixed_address": [
"role:compute-user"
],
"network:allocate_floating_ip": [
"role:compute-user"
],
"network:deallocate_floating_ip": [
"role:compute-user"
],
"network:associate_floating_ip": [
"role:compute-user"
],
"network:disassociate_floating_ip": [
"role:compute-user"
],
"network:get_fixed_ip": [
"role:compute-user"
],
"network:add_fixed_ip_to_instance": [
"role:compute-user"
],
"network:remove_fixed_ip_from_instance": [
"role:compute-user"
],
"network:add_network_to_project": [
"role:compute-user"
],
"network:get_instance_nw_info": [
"role:compute-user"
],
"network:get_dns_domains": [
"role:compute-user"
],
"network:add_dns_entry": [
"role:compute-user"
],
"network:modify_dns_entry": [
"role:compute-user"
],
"network:delete_dns_entry": [
"role:compute-user"
],
"network:get_dns_entries_by_address": [
"role:compute-user"
],
"network:get_dns_entries_by_name": [
"role:compute-user"
],
"network:create_private_dns_domain": [
"role:compute-user"
],
"network:create_public_dns_domain": [
"role:compute-user"
],
"network:delete_dns_domain": [
"role:compute-user"
]
}
View Git Blame Copy Permalink