Ask Your Question
6

whats the difference between Policies stored in policy.json and policies that can be created using openstack/identity/v3/policies

asked 2013-07-15 00:51:29 -0500

Sudheesh gravatar image

updated 2013-11-19 19:59:44 -0500

koolhead17 gravatar image

whats the difference between Policies stored in policy.json and policies that can be created using openstack/identity/v3/policies. In V3 API we can create list delete policies using identity/v3/policies API. But how those policies can be utilized. What's the difference b/w such policies and policies that are available in policy.json?

  1. Is the new Policy API (REST) a replacement to policy.json?
  2. We think that policy REST API is saving policies in DB? - Is it correct
  3. If the policy REST API is doing(or supposed to) same thing as policy.json – can we remove policy.json and represent all our RBAC policies in DB?
edit retag flag offensive close delete

1 answer

Sort by » oldest newest most voted
1

answered 2014-03-03 23:13:05 -0500

Haneef Ali gravatar image

The intention is to store policy.json in db and use it instead of loading from file. But that is not going to happen, as services are not going to store policy in keystone. Also policy REST api has limitation. Who is supposed to invoke CRUD operation on policy API? It is a chicken and egg problem. IMO both policy and credential api in keystoen v3 is pretty much useless.

edit flag offensive delete publish link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

[hide preview]

Question Tools

Follow
2 followers

Stats

Asked: 2013-07-15 00:51:29 -0500

Seen: 307 times

Last updated: Mar 03