tacker/main.yaml at master - tacker - OpenDev: Free Software Needs Free Tools

openstack/tacker

kexuesheng 05fe9fa42c Enhancement of Tacker API resource access control

For fine-grained access control based on user and VNF information
for API resources, this patch does the following things:
1.Add three comparison attributes of area, vendor, and tenant
  for the enhanced Tacker policy.
2.Convert special roles to API attributes in context.
3.Modify the API process to support Tacker policy authorize.
4.Add the Tacker policy filter to the list API processes.

Implements: blueprint enhance-api-policy
Change-Id: I5b4c39387860133a3bcf4544f18a6353c80773f6

2023-03-14 18:01:41 +09:00

13 lines

330 B

YAML

Raw Permalink Blame History

 - block:
   - name: Copy policy.yaml
     copy:
        src: "{{ devstack_base_dir }}/tacker/etc/tacker/enhanced_tacker_policy.yaml.sample"
        dest: "/etc/tacker/policy.yaml"
        remote_src: true
        mode: 0644
        owner: stack
        group: stack
     become: yes
   when:
     - inventory_hostname == 'controller-tacker'