94e96d542d
This patch move away some policy rules from policy.json file and place them under a designated policy file under policy.d directory. Change-Id: I0e91c384a0d7c1ddfa1d5ea5756bf851760539ab
24 lines
992 B
JSON
24 lines
992 B
JSON
{
|
|
"create_router:distributed": "rule:admin_or_owner",
|
|
"get_router:distributed": "rule:admin_or_owner",
|
|
"update_router:distributed": "rule:admin_or_owner"
|
|
|
|
"get_router:ha": "rule:admin_only",
|
|
"create_router": "rule:regular_user",
|
|
"create_router:external_gateway_info:enable_snat": "rule:admin_only",
|
|
"create_router:distributed": "rule:admin_only",
|
|
"create_router:ha": "rule:admin_only",
|
|
"get_router": "rule:admin_or_owner",
|
|
"get_router:distributed": "rule:admin_only",
|
|
"update_router:external_gateway_info:enable_snat": "rule:admin_only",
|
|
"update_router:distributed": "rule:admin_only",
|
|
"update_router:ha": "rule:admin_only",
|
|
"delete_router": "rule:admin_or_owner",
|
|
|
|
"add_router_interface": "rule:admin_or_owner",
|
|
"remove_router_interface": "rule:admin_or_owner",
|
|
|
|
"create_router:external_gateway_info:external_fixed_ips": "rule:admin_only",
|
|
"update_router:external_gateway_info:external_fixed_ips": "rule:admin_only",
|
|
}
|