rules in policy.json
I have been searching the policy.json reference for a long while. But it seems nowhere can find anything about the rules, signs or meaning. I have some questions:
- What does the "@" mean? Such as "identity:check_role_for_trust": [[ "@" ]].
- How to define a rule to deny any users, including the admin user is not allowed? Such as the "identity:create_policy":?
- Is there any place we can find a policy.json reference guide?
Thanks
Can you please let me know where did you find "identity:check_role_for_trust": [[ "@" ]].. I don't see this in keystone policy file
You can find some examples on this link http://docs.openstack.org/juno/config...
"identity:get_trust": [["rule:admin_or_owner"]], "identity:list_trusts": [["@"]], "identity:list_roles_for_trust": [["@"]],
This link will helps you.
http://www.florentflament.com/blog/cu...