# Create a tap flow
# POST  /taas/tap_flows
# Intended scope(s): project
#"create_tap_flow": "(rule:admin_only) or (role:member and project_id:%(project_id)s)"

# DEPRECATED
# "create_tap_flow":"rule:admin_or_owner" has been deprecated since
# 2025.2 in favor of "create_tap_flow":"(rule:admin_only) or
# (role:member and project_id:%(project_id)s)".
# The neutron TAAS API now supports Secure RBAC default roles.

# Update a tap flow
# PUT  /taas/tap_flows/{id}
# Intended scope(s): project
#"update_tap_flow": "(rule:admin_only) or (role:member and project_id:%(project_id)s)"

# DEPRECATED
# "update_tap_flow":"rule:admin_or_owner" has been deprecated since
# 2025.2 in favor of "update_tap_flow":"(rule:admin_only) or
# (role:member and project_id:%(project_id)s)".
# The neutron TAAS API now supports Secure RBAC default roles.

# Show a tap flow
# GET  /taas/tap_flows/{id}
# Intended scope(s): project
#"get_tap_flow": "(rule:admin_only) or (role:member and project_id:%(project_id)s)"

# DEPRECATED
# "get_tap_flow":"rule:admin_or_owner" has been deprecated since
# 2025.2 in favor of "get_tap_flow":"(rule:admin_only) or (role:member
# and project_id:%(project_id)s)".
# The neutron TAAS API now supports Secure RBAC default roles.

# Delete a tap flow
# DELETE  /taas/tap_flows/{id}
# Intended scope(s): project
#"delete_tap_flow": "(rule:admin_only) or (role:member and project_id:%(project_id)s)"

# DEPRECATED
# "delete_tap_flow":"rule:admin_or_owner" has been deprecated since
# 2025.2 in favor of "delete_tap_flow":"(rule:admin_only) or
# (role:member and project_id:%(project_id)s)".
# The neutron TAAS API now supports Secure RBAC default roles.

# Create a tap service
# POST  /taas/tap_services
# Intended scope(s): project
#"create_tap_service": "(rule:admin_only) or (role:member and project_id:%(project_id)s)"

# DEPRECATED
# "create_tap_service":"rule:admin_or_owner" has been deprecated since
# 2025.2 in favor of "create_tap_service":"(rule:admin_only) or
# (role:member and project_id:%(project_id)s)".
# The neutron TAAS API now supports Secure RBAC default roles.

# Updates a tap service
# PUT  /taas/tap_services/{id}
# Intended scope(s): project
#"update_tap_service": "(rule:admin_only) or (role:member and project_id:%(project_id)s)"

# DEPRECATED
# "update_tap_service":"rule:admin_or_owner" has been deprecated since
# 2025.2 in favor of "update_tap_service":"(rule:admin_only) or
# (role:member and project_id:%(project_id)s)".
# The neutron TAAS API now supports Secure RBAC default roles.

# Show a tap service
# GET  /taas/tap_services/{id}
# Intended scope(s): project
#"get_tap_service": "(rule:admin_only) or (role:member and project_id:%(project_id)s)"

# DEPRECATED
# "get_tap_service":"rule:admin_or_owner" has been deprecated since
# 2025.2 in favor of "get_tap_service":"(rule:admin_only) or
# (role:member and project_id:%(project_id)s)".
# The neutron TAAS API now supports Secure RBAC default roles.

# Delete a tap service
# DELETE  /taas/tap_services/{id}
# Intended scope(s): project
#"delete_tap_service": "(rule:admin_only) or (role:member and project_id:%(project_id)s)"

# DEPRECATED
# "delete_tap_service":"rule:admin_or_owner" has been deprecated since
# 2025.2 in favor of "delete_tap_service":"(rule:admin_only) or
# (role:member and project_id:%(project_id)s)".
# The neutron TAAS API now supports Secure RBAC default roles.

# Create a Tap Mirror
# POST  /taas/tap_mirrors
# Intended scope(s): project
#"create_tap_mirror": "(rule:admin_only) or (role:member and project_id:%(project_id)s)"

# Update a Tap Mirror
# PUT  /taas/tap_mirrors/{id}
# Intended scope(s): project
#"update_tap_mirror": "(rule:admin_only) or (role:member and project_id:%(project_id)s)"

# Show a Tap Mirror
# GET  /taas/tap_mirrors
# GET  /taas/tap_mirrors/{id}
# Intended scope(s): project
#"get_tap_mirror": "(rule:admin_only) or (role:reader and project_id:%(project_id)s)"

# Delete a Tap Mirror
# DELETE  /taas/tap_mirrors/{id}
# Intended scope(s): project
#"delete_tap_mirror": "(rule:admin_only) or (role:member and project_id:%(project_id)s)"