openstack/python-openstackclient
Code Issues Proposed changes
3205dad161
python-openstackclient/doc/source/command-objects/network-rbac.rst
Huanxuan Ao fac3214581 Implement "network rbac set" command 
Add "network rbac set" command which just supports
setting a target project.
Also, This patch adds the doc, unit test and functional test.
But there is a bug of showing network RBAC
https://bugs.launchpad.net/python-openstacksdk/+bug/1608903
We need to skip the functional test before this bug fixed.

Change-Id: I756f448bb333cf1098a735e57a1c5dc4edf195d4
Partially-Implements: blueprint neutron-client-rbac
2016-08-03 10:49:57 +08:00

2.9 KiB
Raw Blame History

network rbac

A network rbac is a Role-Based Access Control (RBAC) policy for network resources. It enables both operators and users to grant access to network resources for specific projects.

Network v2

network rbac create

Create network RBAC policy

network rbac create

os network rbac create
    --type <type>
    --action <action>
    --target-project <target-project> [--target-project-domain <target-project-domain>]
    [--project <project> [--project-domain <project-domain>]]
    <rbac-policy>

--type <type>

Type of the object that RBAC policy affects ("qos_policy" or "network") (required)

--action <action>

Action for the RBAC policy ("access_as_external" or "access_as_shared") (required)

--target-project <target-project>

The project to which the RBAC policy will be enforced (name or ID) (required)

--target-project-domain <target-project-domain>

Domain the target project belongs to (name or ID). This can be used in case collisions between project names exist.

--project <project>

The owner project (name or ID)

--project-domain <project-domain>

Domain the project belongs to (name or ID). This can be used in case collisions between project names exist.

The object to which this RBAC policy affects (name or ID for network objects, ID only for QoS policy objects)

network rbac delete

Delete network RBAC policy(s)

network rbac delete

os network rbac delete
    <rbac-policy> [<rbac-policy> ...]




RBAC policy(s) to delete (ID only)

network rbac list

List network RBAC policies

network rbac list

os network rbac list

network rbac set

Set network RBAC policy properties

network rbac set

os network rbac set
    [--target-project <target-project> [--target-project-domain <target-project-domain>]]
    <rbac-policy>

--target-project <target-project>

The project to which the RBAC policy will be enforced (name or ID)

--target-project-domain <target-project-domain>

Domain the target project belongs to (name or ID). This can be used in case collisions between project names exist.

RBAC policy to be modified (ID only)

network rbac show

Display network RBAC policy details

network rbac show

os network rbac show
    <rbac-policy>




RBAC policy (ID only)