Ask Your Question

why we need "admin_api": [["is_admin:True"]] in policy.json ?

asked 2013-01-31 04:33:00 -0500

chen-li gravatar image

I'm really confused about context in file policy.json.

Why we have to define some actions with "role:admin", some with "rule:admin_api" and, some with "is_admin:True"?

Also, we can get "admin_api": [["is_admin:True"]] in /etc/nova/policy.json, But, "admin_api": "role:admin" in nova/tests/ And, according to my understanding, role:admin and is_admin:True will always keep same in context.

Anyone can give me a brief introduction?

Thanks. -chen

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2013-02-09 03:11:27 -0500

zzs gravatar image

I remember I saw someone mentioned before, it looks like there are legacy projects assumed the role name is "admin".

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2013-01-31 04:33:00 -0500

Seen: 340 times

Last updated: Feb 09 '13