Merge "Update Barbican Orders policy for secure-rbac"
This commit is contained in:
commit
3184c3471b
|
@ -3040,6 +3040,9 @@ parameter_defaults:
|
|||
barbican-container_project_member:
|
||||
key: "container_project_member"
|
||||
value: "rule:member and project_id:%(target.container.project_id)s"
|
||||
barbican-order_project_member:
|
||||
key: "order_project_member"
|
||||
value: "rule:member and project_id:%(target.order.project_id)s"
|
||||
barbican-secret_acls_get:
|
||||
key: "secret_acls:get"
|
||||
value: "rule:secret_project_member and (rule:secret_owner or rule:secret_is_not_private_read) or rule:secret_project_admin"
|
||||
|
@ -3099,10 +3102,10 @@ parameter_defaults:
|
|||
value: "rule:member"
|
||||
barbican-order_get:
|
||||
key: "order:get"
|
||||
value: "rule:member"
|
||||
value: "rule:order_project_member"
|
||||
barbican-order_delete:
|
||||
key: "order:delete"
|
||||
value: "rule:member"
|
||||
value: "rule:order_project_member"
|
||||
barbican-quotas_get:
|
||||
key: "quotas:get"
|
||||
value: "rule:reader"
|
||||
|
|
Loading…
Reference in New Issue