How can add a new Role and then in Policy.json and create a Rule ? [closed]

asked 2013-07-19 04:44:13 -0600

Sudheesh gravatar image

1) How can I use a new (custom ) role and create a new Rule in Policy.json of keystone?

2) After the addition, should keystone service need a restart?

edit retag flag offensive reopen merge delete

Closed for the following reason duplicate question by smaffulli
close date 2015-08-21 16:21:21.058640


Any answer for this is highly appreciated. Let me make talk about an example. There is a Rule or policy in keystone called -> admin_required. I want to design something smilar for the extension I have written. I have created a user called extensionuser and a Role called ext_role. I want to make sure that my extension services are only useful any user who has ext_role. How can I do this

Sudheesh gravatar imageSudheesh ( 2013-08-08 01:28:55 -0600 )edit

I'm with the same problem, does anyone have any solution for this?

Raildo Filho gravatar imageRaildo Filho ( 2013-12-10 10:34:50 -0600 )edit

2 answers

Sort by ยป oldest newest most voted

answered 2014-04-10 10:12:32 -0600

9lives gravatar image

Try this in policy.json

    "ext_role_required": "role: ext_role",
    "extension:some_action": "rule:ext_role_required"

The first line is define the rule context by certain role or user. The second line is define the certain action can be performed with the matched rule context.

Hope that helps!


edit flag offensive delete link more

answered 2015-06-18 05:00:15 -0600

mc_vgupta gravatar image

updated 2015-06-18 05:25:25 -0600

Hi ,

Did that solution provided above worked ??

Do we just need to make that change in policy.json ?

I had the same situation where I tried to modified just the same and it didn't make any difference , can you provide more insight to the policy rule changes for Tenant Admin user ?

Thanks, Vineet

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools


Asked: 2013-07-19 04:44:13 -0600

Seen: 792 times

Last updated: Jun 18 '15