starlingx/distcloud
Code Issues Proposed changes
Files
2b198a80098fddd2b5a8cd8eea2ade98674142c7
distcloud/distributedcloud/etc
History
amantri 474c63ae4e Implement configurator role RBAC for dc related processes 
This commit implements RBAC for configurator role, this role
has the same level of access as the existing admin role.
The existing base rules are changed to accommodate the new
configurator role. For the incoming create,delete,modify requests the
admin access is provided by authorizing the user with the policy rules.

Test Plan:
PASS: Expect only admin,operator,configurator role users can
      execute the following commands
	dcmanager subcloud manage <subcloud>
	dcmanager subcloud unmanage <subcloud>
	dcmanager subcloud-backup create --subcloud
	dcmanager subcloud-backup delete --subcloud
PASS: Expect configurator,admin,operator,reader role users
      allowed to execute the following command
	dcmanager alarm summary
PASS: Verify only configurator,admin allowed to do the
      following
	dcmanager subcloud prestage
	dcmanager subcloud reconfigure
	dcmanager subcloud reinstall
	dcmanager subcloud redeploy
	dcmanager subcloud restore
	dcmanager subcloud update_status
        dcmanager subcloud update
        dcmanager subcloud delete <subcloud>
        dcmanager patch-strategy create
        dcmanager patch-strategy apply
        dcmanager patch-strategy abort
        dcmanager patch-strategy delete
        dcmanager subcloud-group add
        dcmanager subcloud-group delete
	dcmanager subcloud-deploy upload
        dcmanager kube-rootca-update-strategy create/delete
        dcmanager patch-strategy-config update
        dcmanager subcloud-peer-group add/delete
        dcmanager sw-deploy-strategy create/delete
        dcmanager peer-group-association add/delete
	dcmanager system-peer add/delete

Story: 2011348
Task: 52055

Change-Id: I9e7d5932f0d158f20db1c9741e9b6c707cedf28a
Signed-off-by: amantri <ayyappa.mantri@windriver.com>
2025-05-05 16:44:05 +00:00
..
dcagent
Implement configurator role RBAC for dc related processes
2025-05-05 16:44:05 +00:00
dccertmon
Introduce dccertmon service
2025-03-14 15:48:19 -04:00
dcdbsync
Implement configurator role RBAC for dc related processes
2025-05-05 16:44:05 +00:00
dcmanager
Implement configurator role RBAC for dc related processes
2025-05-05 16:44:05 +00:00
dcorch
Implement configurator role RBAC for dc related processes
2025-05-05 16:44:05 +00:00