Initial commit

author: Vincent S. Cojot <vcojot@redhat.com> 2017-02-08 16:42:22 -0500
committer: Vincent S. Cojot <vcojot@redhat.com> 2017-02-08 16:42:22 -0500
commit: 76707f93fc6e67c6905b0f79c47130eb32d7ee14 (patch)
tree: fe24acb8c05f1e7f9f8a4c1f770a36765fdc8daf /etc/aodh/policy.json
download: openstack-access-policy-76707f93fc6e67c6905b0f79c47130eb32d7ee14.tar.gz
openstack-access-policy-76707f93fc6e67c6905b0f79c47130eb32d7ee14.tar.xz
openstack-access-policy-76707f93fc6e67c6905b0f79c47130eb32d7ee14.zip
1 files changed, 21 insertions, 0 deletions
diff --git a/etc/aodh/policy.json b/etc/aodh/policy.json
new file mode 100644
index 0000000..b4ea233
--- /dev/null
+++ b/etc/aodh/policy.json
@@ -0,0 +1,21 @@
+{
+    "deny_readonly": "not role:readonly",
+    "context_is_admin": "role:admin",
+    "segregation": "rule:context_is_admin",
+    "admin_or_owner": "rule:context_is_admin or project_id:%(project_id)s",
+    "default": "rule:admin_or_owner",
+
+    "telemetry:get_alarm": "rule:admin_or_owner",
+    "telemetry:get_alarms": "rule:admin_or_owner",
+    "telemetry:query_alarm": "rule:admin_or_owner",
+
+    "telemetry:create_alarm": "rule:deny_readonly",
+    "telemetry:change_alarm": "rule:admin_or_owner",
+    "telemetry:delete_alarm": "rule:admin_or_owner",
+
+    "telemetry:get_alarm_state": "rule:admin_or_owner",
+    "telemetry:change_alarm_state": "rule:admin_or_owner",
+
+    "telemetry:alarm_history": "rule:admin_or_owner",
+    "telemetry:query_alarm_history": "rule:admin_or_owner"
+}
author	Vincent S. Cojot <vcojot@redhat.com>	2017-02-08 16:42:22 -0500
committer	Vincent S. Cojot <vcojot@redhat.com>	2017-02-08 16:42:22 -0500
commit	76707f93fc6e67c6905b0f79c47130eb32d7ee14 (patch)
tree	fe24acb8c05f1e7f9f8a4c1f770a36765fdc8daf /etc/aodh/policy.json
download	openstack-access-policy-76707f93fc6e67c6905b0f79c47130eb32d7ee14.tar.gz openstack-access-policy-76707f93fc6e67c6905b0f79c47130eb32d7ee14.tar.xz openstack-access-policy-76707f93fc6e67c6905b0f79c47130eb32d7ee14.zip