New Cinder RBAC policies for Epoxy release

The change adds policies that allow the execution
of some new Cinder features. Please, also note that
was necessary to add a new policy for Nova during
the test plan execution.

Policies:
Cinder - volume_extension:type_get_all
Nova - os_compute_api:servers:create:attach_volume

Rules for policies:
Cinder - admin_or_owner
Nova - admin_or_projectmember_owner

Story: 2011516
Task: 53808

TEST PLAN
PASS - Apply new enhanced RBAC policies YAML files
      * system helm-override-update
PASS - Ensure polices are working as expected
	(147 automated TC)

Change-Id: If49f0061d2769546f156f0f0af70a585016e0218
Signed-off-by: adeheldb <Andre.deHeldBadur@windriver.com>

enhanced-policies/cinder-policy-overrides.yml

@@ -122,6 +122,7 @@ conf:
         volume_extension:snapshot_admin_actions:reset_status: rule:admin_api
         volume_extension:snapshot_backup_status_attribute: rule:admin_or_projectadmin_owner
         volume_extension:snapshot_export_attributes: rule:admin_or_projectadmin_owner
+        volume_extension:type_get_all: rule:admin_or_owner
         volume_extension:types_extra_specs:create: rule:admin_api
         volume_extension:types_extra_specs:delete: rule:admin_api
         volume_extension:types_extra_specs:index: rule:admin_api

enhanced-policies/nova-policy-overrides.yml

@@ -50,6 +50,7 @@ conf:
         os_compute_api:server-metadata:update_all: rule:admin_or_projectadmin_owner
         os_compute_api:servers:confirm_resize: rule:admin_or_projectadmin_owner
         os_compute_api:servers:create: rule:admin_or_projectmember_owner
+        os_compute_api:servers:create:attach_volume: rule:admin_or_projectmember_owner
         os_compute_api:servers:create_image: rule:admin_or_projectadmin_owner
         os_compute_api:servers:delete: rule:admin_or_projectadmin_owner
         os_compute_api:servers:detail: rule:admin_or_projectreadonly_required