1) How can I use a new (custom ) role and create a new Rule in Policy.json of keystone?
2) After the addition, should keystone service need a restart?
Try this in policy.json
...
"ext_role_required": "role: ext_role",
"extension:some_action": "rule:ext_role_required"
...
The first line is define the rule context by certain role or user. The second line is define the certain action can be performed with the matched rule context.
Hope that helps!
Vic
Hi ,
Did that solution provided above worked ??
Do we just need to make that change in policy.json ?
I had the same situation where I tried to modified just the same and it didn't make any difference , can you provide more insight to the policy rule changes for Tenant Admin user ?
Thanks, Vineet
Asked: 2013-07-19 04:44:13 -0500
Seen: 694 times
Last updated: Jun 18 '15
Any answer for this is highly appreciated. Let me make talk about an example. There is a Rule or policy in keystone called -> admin_required. I want to design something smilar for the extension I have written. I have created a user called extensionuser and a Role called ext_role. I want to make sure that my extension services are only useful any user who has ext_role. How can I do this
I'm with the same problem, does anyone have any solution for this?