Ask Your Question

why we need "admin_api": [["is_admin:True"]] in policy.json ?

asked 2013-01-31 04:33:00 -0500

chen-li gravatar image

I'm really confused about context in file policy.json.

Why we have to define some actions with "role:admin", some with "rule:admin_api" and, some with "is_admin:True"?

Also, we can get "admin_api": [["is_admin:True"]] in /etc/nova/policy.json, But, "admin_api": "role:admin" in nova/tests/ And, according to my understanding, role:admin and is_admin:True will always keep same in context.

Anyone can give me a brief introduction?

Thanks. -chen

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2013-02-09 03:11:27 -0500

zzs gravatar image

I remember I saw someone mentioned before, it looks like there are legacy projects assumed the role name is "admin".

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2013-01-31 04:33:00 -0500

Seen: 310 times

Last updated: Feb 09 '13