You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
55 lines
1.3 KiB
55 lines
1.3 KiB
# == Class: barbican::policy |
|
# |
|
# Configure the barbican policies |
|
# |
|
# === Parameters |
|
# |
|
# [*enforce_scope*] |
|
# (Optional) Whether or not to enforce scope when evaluating policies. |
|
# Defaults to $::os_service_default. |
|
# |
|
# [*policies*] |
|
# (Optional) Set of policies to configure for barbican |
|
# Example : |
|
# { |
|
# 'barbican-context_is_admin' => { |
|
# 'key' => 'context_is_admin', |
|
# 'value' => 'true' |
|
# }, |
|
# 'barbican-default' => { |
|
# 'key' => 'default', |
|
# 'value' => 'rule:admin_or_owner' |
|
# } |
|
# } |
|
# Defaults to empty hash. |
|
# |
|
# [*policy_path*] |
|
# (Optional) Path to the barbican policy.yaml file |
|
# Defaults to /etc/barbican/policy.yaml |
|
# |
|
class barbican::policy ( |
|
$enforce_scope = $::os_service_default, |
|
$policies = {}, |
|
$policy_path = '/etc/barbican/policy.yaml', |
|
) { |
|
|
|
include barbican::deps |
|
include barbican::params |
|
|
|
validate_legacy(Hash, 'validate_hash', $policies) |
|
|
|
Openstacklib::Policy::Base { |
|
file_path => $policy_path, |
|
file_user => 'root', |
|
file_group => $::barbican::params::group, |
|
file_format => 'yaml', |
|
} |
|
|
|
create_resources('openstacklib::policy::base', $policies) |
|
|
|
oslo::policy { 'barbican_config': |
|
enforce_scope => $enforce_scope, |
|
policy_file => $policy_path |
|
} |
|
|
|
}
|
|
|