6e94491c2c
Update tap_flow and tap_service API to new s-rbac defaults and added unit tests. Added unit tests for the existing tap_mirror API for completeness Change-Id: I9cb1ab098c6a25fc1e1991790a095e9366bb71c5
110 lines
4.0 KiB
Plaintext
110 lines
4.0 KiB
Plaintext
# Create a tap flow
|
|
# POST /taas/tap_flows
|
|
# Intended scope(s): project
|
|
#"create_tap_flow": "(rule:admin_only) or (role:member and project_id:%(project_id)s)"
|
|
|
|
# DEPRECATED
|
|
# "create_tap_flow":"rule:admin_or_owner" has been deprecated since
|
|
# 2025.2 in favor of "create_tap_flow":"(rule:admin_only) or
|
|
# (role:member and project_id:%(project_id)s)".
|
|
# The neutron TAAS API now supports Secure RBAC default roles.
|
|
|
|
# Update a tap flow
|
|
# PUT /taas/tap_flows/{id}
|
|
# Intended scope(s): project
|
|
#"update_tap_flow": "(rule:admin_only) or (role:member and project_id:%(project_id)s)"
|
|
|
|
# DEPRECATED
|
|
# "update_tap_flow":"rule:admin_or_owner" has been deprecated since
|
|
# 2025.2 in favor of "update_tap_flow":"(rule:admin_only) or
|
|
# (role:member and project_id:%(project_id)s)".
|
|
# The neutron TAAS API now supports Secure RBAC default roles.
|
|
|
|
# Show a tap flow
|
|
# GET /taas/tap_flows/{id}
|
|
# Intended scope(s): project
|
|
#"get_tap_flow": "(rule:admin_only) or (role:member and project_id:%(project_id)s)"
|
|
|
|
# DEPRECATED
|
|
# "get_tap_flow":"rule:admin_or_owner" has been deprecated since
|
|
# 2025.2 in favor of "get_tap_flow":"(rule:admin_only) or (role:member
|
|
# and project_id:%(project_id)s)".
|
|
# The neutron TAAS API now supports Secure RBAC default roles.
|
|
|
|
# Delete a tap flow
|
|
# DELETE /taas/tap_flows/{id}
|
|
# Intended scope(s): project
|
|
#"delete_tap_flow": "(rule:admin_only) or (role:member and project_id:%(project_id)s)"
|
|
|
|
# DEPRECATED
|
|
# "delete_tap_flow":"rule:admin_or_owner" has been deprecated since
|
|
# 2025.2 in favor of "delete_tap_flow":"(rule:admin_only) or
|
|
# (role:member and project_id:%(project_id)s)".
|
|
# The neutron TAAS API now supports Secure RBAC default roles.
|
|
|
|
# Create a tap service
|
|
# POST /taas/tap_services
|
|
# Intended scope(s): project
|
|
#"create_tap_service": "(rule:admin_only) or (role:member and project_id:%(project_id)s)"
|
|
|
|
# DEPRECATED
|
|
# "create_tap_service":"rule:admin_or_owner" has been deprecated since
|
|
# 2025.2 in favor of "create_tap_service":"(rule:admin_only) or
|
|
# (role:member and project_id:%(project_id)s)".
|
|
# The neutron TAAS API now supports Secure RBAC default roles.
|
|
|
|
# Updates a tap service
|
|
# PUT /taas/tap_services/{id}
|
|
# Intended scope(s): project
|
|
#"update_tap_service": "(rule:admin_only) or (role:member and project_id:%(project_id)s)"
|
|
|
|
# DEPRECATED
|
|
# "update_tap_service":"rule:admin_or_owner" has been deprecated since
|
|
# 2025.2 in favor of "update_tap_service":"(rule:admin_only) or
|
|
# (role:member and project_id:%(project_id)s)".
|
|
# The neutron TAAS API now supports Secure RBAC default roles.
|
|
|
|
# Show a tap service
|
|
# GET /taas/tap_services/{id}
|
|
# Intended scope(s): project
|
|
#"get_tap_service": "(rule:admin_only) or (role:member and project_id:%(project_id)s)"
|
|
|
|
# DEPRECATED
|
|
# "get_tap_service":"rule:admin_or_owner" has been deprecated since
|
|
# 2025.2 in favor of "get_tap_service":"(rule:admin_only) or
|
|
# (role:member and project_id:%(project_id)s)".
|
|
# The neutron TAAS API now supports Secure RBAC default roles.
|
|
|
|
# Delete a tap service
|
|
# DELETE /taas/tap_services/{id}
|
|
# Intended scope(s): project
|
|
#"delete_tap_service": "(rule:admin_only) or (role:member and project_id:%(project_id)s)"
|
|
|
|
# DEPRECATED
|
|
# "delete_tap_service":"rule:admin_or_owner" has been deprecated since
|
|
# 2025.2 in favor of "delete_tap_service":"(rule:admin_only) or
|
|
# (role:member and project_id:%(project_id)s)".
|
|
# The neutron TAAS API now supports Secure RBAC default roles.
|
|
|
|
# Create a Tap Mirror
|
|
# POST /taas/tap_mirrors
|
|
# Intended scope(s): project
|
|
#"create_tap_mirror": "(rule:admin_only) or (role:member and project_id:%(project_id)s)"
|
|
|
|
# Update a Tap Mirror
|
|
# PUT /taas/tap_mirrors/{id}
|
|
# Intended scope(s): project
|
|
#"update_tap_mirror": "(rule:admin_only) or (role:member and project_id:%(project_id)s)"
|
|
|
|
# Show a Tap Mirror
|
|
# GET /taas/tap_mirrors
|
|
# GET /taas/tap_mirrors/{id}
|
|
# Intended scope(s): project
|
|
#"get_tap_mirror": "(rule:admin_only) or (role:reader and project_id:%(project_id)s)"
|
|
|
|
# Delete a Tap Mirror
|
|
# DELETE /taas/tap_mirrors/{id}
|
|
# Intended scope(s): project
|
|
#"delete_tap_mirror": "(rule:admin_only) or (role:member and project_id:%(project_id)s)"
|
|
|