Go to file

Yuta Kazato 2f959940bc Enhancement of Tacker API Resource Access Control

This specification describes implements of fine-grained
access control based on user and VNF information for API resources.
It will extend user information to include role, VIM information, VNF
instance information,
and implement the policy enforcer that uses not only roles, but also
user and VNF information.
The following items will be supported.

1. Add additional attributes to resources when be created.
2. Change the API process to support Tacker policy checker.
3. Add the Tacker policy filter to the list API processes.
4. Convert special roles to API attributes in context.
5. Add a configuration option and policy samples.

Implements: blueprint enhance-api-policy
Change-Id: Ib8f1c83be1bec3644f0fbead46ccd6ab7c2d4e83

2022-12-28 08:59:08 +09:00

doc

Add 2023.1 specs directory

2022-10-05 14:22:04 +00:00

specs

Enhancement of Tacker API Resource Access Control

2022-12-28 08:59:08 +09:00

.gitignore

Remove testr

2021-06-30 23:53:16 +05:30

.gitreview

OpenDev Migration Patch

2019-04-19 19:35:23 +00:00

.zuul.yaml

import zuul job settings from project-config

2018-08-17 20:15:37 +09:00

LICENSE

Add base tacker-specs framework

2014-06-03 17:55:27 +09:00

README.rst

Change tacker-specs webpage from oslosphinx to openstackdocstheme

2018-03-13 12:41:45 +09:00

setup.cfg

setup.cfg: Replace dashes with underscores

2021-05-18 13:16:39 +05:30

setup.py

Add base tacker-specs framework

2014-06-03 17:55:27 +09:00

test-requirements.txt

Refactor and clean up specs dir

2018-04-05 15:21:56 +09:00

tox.ini

Update min version of tox

2021-05-10 16:51:07 +05:30

README.rst

Team and repository tags

OpenStack Tacker Specifications

This git repository is used to hold approved design specifications for additions to the Tacker project. Reviews of the specs are done in gerrit, using a similar workflow to how we review and merge changes to the code itself.

The layout of this repository is:

specs/<release>/

You can find an example spec in specs/template.rst.

Specifications are proposed for a given release by adding them to the specs/<release> directory and posting it for review. The implementation status of a blueprint for a given release can be found by looking at the blueprint in launchpad. Not all approved blueprints will get fully implemented.

Specifications have to be re-proposed for every release. The review may be quick, but even if something was previously approved, it should be re-reviewed to make sure it still makes sense as written.

Please note, Launchpad blueprints are still used for tracking the current status of blueprints. For more information, see:

https://wiki.openstack.org/wiki/Blueprints

Launchpad blueprints for Tacker can be found at:

https://blueprints.launchpad.net/tacker

For more information about working with gerrit, see:

https://docs.openstack.org/infra/manual/developers.html#development-workflow

To validate that the specification is syntactically correct (i.e. get more confidence in the Jenkins result), please execute the following command:

$ tox

After running tox, the documentation will be available for viewing in HTML format in the doc/build/ directory. Please do not checkin the generated HTML files as a part of your commit.