rules in policy.json

asked 2015-02-09 11:36:52 -0600

Steve gravatar image

I have been searching the policy.json reference for a long while. But it seems nowhere can find anything about the rules, signs or meaning. I have some questions:

  1. What does the "@" mean? Such as "identity:check_role_for_trust": [[ "@" ]].
  2. How to define a rule to deny any users, including the admin user is not allowed? Such as the "identity:create_policy":?
  3. Is there any place we can find a policy.json reference guide?


edit retag flag offensive close merge delete


Can you please let me know where did you find "identity:check_role_for_trust": [[ "@" ]].. I don't see this in keystone policy file

Haneef Ali gravatar imageHaneef Ali ( 2015-02-10 11:21:29 -0600 )edit

You can find some examples on this link

"identity:get_trust": [["rule:admin_or_owner"]], "identity:list_trusts": [["@"]], "identity:list_roles_for_trust": [["@"]],

Steve gravatar imageSteve ( 2015-02-10 20:27:20 -0600 )edit
1-Cloud gravatar image1-Cloud ( 2015-02-13 00:15:38 -0600 )edit