Hi ,
I am trying to understand Difference between RBAC polices thats stored in
policy.json and policies that can be created using
openstack/identity/v3/policies.
I got answer from openstack forum that I can use both DB and policy.json based
implementation for RBAC policy management.
Can you please tell me how to use DB based RBAC ? I can elaborate my question
1. In policy.json(keystone) I am able to define rule called - admin_required
2. Similarly I can define rules line custome_role_required
3. Then I can add this rule against each services (like for eg :
identity:list_users = custom_role_required
How can I use this for DB based RBAC policies?
Also there are code like self.policy_api.enforce(context, creds,
'admin_required', {}) in many places (this is in wsgi.py)
How can I utilize the same code and at the same time move the policy definition
to DB
Thanks a million,
Sudheesh_______________________________________________
OpenStack-dev mailing list
[email protected]
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
