Skip to content

Instantly share code, notes, and snippets.

@michalskalski

michalskalski/policy.json

Created January 16, 2019 14:31
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save michalskalski/bfe641726f53e4afc92e9ebd4c32ca66 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save michalskalski/bfe641726f53e4afc92e9ebd4c32ca66 to your computer and use it in GitHub Desktop.
Download ZIP
Contrail policy.json
Raw
policy.json
{
"context_is_admin": "role:admin",
"admin_or_owner": "is_admin:True or project_id:%(project_id)s",
"default": "rule:admin_or_owner",
"list_subnets": "rule:admin_or_owner",
"create_subnets": "rule:admin_or_owner",
"show_subnet": "rule:admin_or_owner",
"update_subnet": "rule:admin_or_owner",
"delete_subnet": "rule:admin_or_owner",
"list_virtual_DNSs": "rule:admin_or_owner",
"create_virtual_DNSs": "rule:admin_or_owner",
"show_virtual_DNS": "rule:admin_or_owner",
"delete_virtual_DNS": "rule:admin_or_owner",
"update_virtual_DNS": "rule:admin_or_owner",
"list_virtual_DNS_records": "rule:admin_or_owner",
"create_virtual_DNS_records": "rule:admin_or_owner",
"show_virtual_DNS_record": "rule:admin_or_owner",
"delete_virtual_DNS_record": "rule:admin_or_owner",
"update_virtual_DNS_record": "rule:admin_or_owner",
"list_namespaces": "rule:admin_or_owner",
"create_namespaces": "rule:admin_or_owner",
"show_namespace": "rule:admin_or_owner",
"update_namespace": "rule:admin_or_owner",
"delete_namespace": "rule:admin_or_owner",
"list_alias_ips": "rule:admin_or_owner",
"create_alias_ips": "rule:admin_or_owner",
"show_alias_ip": "rule:admin_or_owner",
"update_alias_ip": "rule:admin_or_owner",
"delete_alias_ip": "rule:admin_or_owner",
"list_alias_ip_pools": "rule:admin_or_owner",
"create_alias_ip_pools": "rule:admin_or_owner",
"show_alias_ip_pool": "rule:admin_or_owner",
"update_alias_ip_pool": "rule:admin_or_owner",
"delete_alias_ip_pool": "rule:admin_or_owner",
"list_port_tuples": "rule:admin_or_owner",
"show_port_tuple": "rule:admin_or_owner",
"create_port_tuples": "rule:admin_or_owner",
"update_port_tuple": "rule:admin_or_owner",
"delete_port_tuple": "rule:admin_or_owner",
"list_api_access_lists": "rule:admin_or_owner",
"create_api_access_lists": "rule:admin_or_owner",
"show_api_access_list": "rule:admin_or_owner",
"update_api_access_list": "rule:admin_or_owner",
"delete_api_access_list": "rule:admin_or_owner",
"list_access_control_lists": "rule:admin_or_owner",
"create_access_control_lists": "rule:admin_or_owner",
"show_access_control_list": "rule:admin_or_owner",
"update_access_control_list": "rule:admin_or_owner",
"delete_access_control_list": "rule:admin_or_owner",
"list_domains": "rule:admin_or_owner",
"create_domains": "rule:admin_or_owner",
"show_domain": "rule:admin_or_owner",
"update_domain": "rule:admin_or_owner",
"delete_domain": "rule:admin_or_owner",
"list_database_nodes": "rule:admin_or_owner",
"show_database_node": "rule:admin_or_owner",
"create_database_nodes": "rule:admin_or_owner",
"update_database_node": "rule:admin_or_owner",
"delete_database_node": "rule:admin_or_owner",
"list_fabrics": "rule:admin_or_owner",
"create_fabric": "rule:admin_or_owner",
"show_fabric": "rule:admin_or_owner",
"delete_fabric": "rule:admin_or_owner",
"update_fabric": "rule:admin_or_owner",
"list_physical_interfaces": "rule:admin_or_owner",
"create_physical_interfaces": "rule:admin_or_owner",
"update_physical_interface": "rule:admin_or_owner",
"delete_physical_interface": "rule:admin_or_owner",
"show_physical_interface": "rule:admin_or_owner",
"list_logical_interfaces": "rule:admin_or_owner",
"create_logical_interfaces": "rule:admin_or_owner",
"update_logical_interface": "rule:admin_or_owner",
"delete_logical_interface": "rule:admin_or_owner",
"show_logical_interface": "rule:admin_or_owner",
"list_projects": "rule:admin_or_owner",
"create_projects": "rule:admin_or_owner",
"show_project": "rule:admin_or_owner",
"update_project": "rule:admin_or_owner",
"delete_project": "rule:admin_or_owner",
"list_provider_attachments": "rule:admin_or_owner",
"create_provider_attachments": "rule:admin_or_owner",
"show_provider_attachment": "rule:admin_or_owner",
"update_provider_attachment": "rule:admin_or_owner",
"delete_provider_attachment": "rule:admin_or_owner",
"list_customer_attachments": "rule:admin_or_owner",
"create_customer_attachments": "rule:admin_or_owner",
"show_customer_attachment": "rule:admin_or_owner",
"update_customer_attachment": "rule:admin_or_owner",
"delete_customer_attachment": "rule:admin_or_owner",
"list_virtual_networks": "rule:admin_or_owner",
"create_virtual_networks": "rule:admin_or_owner",
"update_virtual_network": "rule:admin_or_owner",
"delete_virtual_network": "rule:admin_or_owner",
"show_virtual_network": "rule:admin_or_owner",
"list_routing_policys": "rule:admin_or_owner",
"create_routing_policys": "rule:admin_or_owner",
"show_routing_policy": "rule:admin_or_owner",
"update_routing_policy": "rule:admin_or_owner",
"delete_routing_policy": "rule:admin_or_owner",
"list_virtual_ips": "rule:admin_or_owner",
"create_virtual_ips": "rule:admin_or_owner",
"show_virtual_ip": "rule:admin_or_owner",
"update_virtual_ip": "rule:admin_or_owner",
"delete_virtual_ip": "rule:admin_or_owner",
"list_bgp_as_a_services": "rule:admin_or_owner",
"create_bgp_as_a_services": "rule:admin_or_owner",
"show_bgp_as_a_service": "rule:admin_or_owner",
"delete_bgp_as_a_service": "rule:admin_or_owner",
"update_bgp_as_a_service": "rule:admin_or_owner",
"list_config_nodes": "rule:admin_or_owner",
"create_config_nodes": "rule:admin_or_owner",
"delete_config_node": "rule:admin_or_owner",
"show_config_node": "rule:admin_or_owner",
"update_config_node": "rule:admin_or_owner",
"create_config_roots": "rule:admin_or_owner",
"delete_config_root": "rule:admin_or_owner",
"show_config_root": "rule:admin_or_owner",
"update_config_root": "rule:admin_or_owner",
"list_config_roots": "rule:admin_or_owner",
"list_global_system_configs": "rule:admin_or_owner",
"create_global_system_configs": "rule:admin_or_owner",
"show_global_system_config": "rule:admin_or_owner",
"update_global_system_config": "rule:admin_or_owner",
"delete_global_system_config": "rule:admin_or_owner",
"list_network_policys": "rule:admin_or_owner",
"create_network_policys": "rule:admin_or_owner",
"show_network_policy": "rule:admin_or_owner",
"update_network_policy": "rule:admin_or_owner",
"delete_network_policy": "rule:admin_or_owner",
"list_instance_ips": "rule:admin_or_owner",
"create_instance_ips": "rule:admin_or_owner",
"show_instance_ip": "rule:admin_or_owner",
"update_instance_ip": "rule:admin_or_owner",
"delete_instance_ip": "rule:admin_or_owner",
"list_service_appliances": "rule:admin_or_owner",
"create_service_appliances": "rule:admin_or_owner",
"show_service_appliance": "rule:admin_or_owner",
"update_service_appliance": "rule:admin_or_owner",
"delete_service_appliance": "rule:admin_or_owner",
"list_service_appliance_sets": "rule:admin_or_owner",
"create_service_appliance_sets": "rule:admin_or_owner",
"show_service_appliance_set": "rule:admin_or_owner",
"update_service_appliance_set": "rule:admin_or_owner",
"delete_service_appliance_set": "rule:admin_or_owner",
"list_global_qos_configs": "rule:admin_or_owner",
"create_global_qos_configs": "rule:admin_or_owner",
"show_global_qos_config": "rule:admin_or_owner",
"update_global_qos_config": "rule:admin_or_owner",
"delete_global_qos_config": "rule:admin_or_owner",
"create_floating_ip_pools": "rule:admin_or_owner",
"list_floating_ip_pools": "rule:admin_or_owner",
"show_floating_ip_pool": "rule:admin_or_owner",
"update_floating_ip_pool": "rule:admin_or_owner",
"delete_floating_ip_pool": "rule:admin_or_owner",
"create_floating_ips": "rule:admin_or_owner",
"list_floating_ips": "rule:admin_or_owner",
"show_floating_ip": "rule:admin_or_owner",
"update_floating_ip": "rule:admin_or_owner",
"delete_floating_ip": "rule:admin_or_owner",
"list_forwarding_classs": "rule:admin_or_owner",
"show_forwarding_class": "rule:admin_or_owner",
"create_forwarding_classs": "rule:admin_or_owner",
"update_forwarding_class": "rule:admin_or_owner",
"delete_forwarding_class": "rule:admin_or_owner",
"list_discovery_service_assignments": "rule:admin_or_owner",
"create_discovery_service_assignments": "rule:admin_or_owner",
"show_discovery_service_assignment": "rule:admin_or_owner",
"update_discovery_service_assignment": "rule:admin_or_owner",
"delete_discovery_service_assignment": "rule:admin_or_owner",
"list_qos_queues": "rule:admin_or_owner",
"create_qos_queues": "rule:admin_or_owner",
"show_qos_queue": "rule:admin_or_owner",
"delete_qos_queue": "rule:admin_or_owner",
"update_qos_queue": "rule:admin_or_owner",
"list_security_groups": "rule:admin_or_owner",
"show_security_group": "rule:admin_or_owner",
"delete_security_group": "rule:admin_or_owner",
"create_security_groups": "rule:admin_or_owner",
"update_security_group": "rule:admin_or_owner",
"list_analytics_nodes": "rule:admin_or_owner",
"show_analytics_node": "rule:admin_or_owner",
"create_analytics_nodes": "rule:admin_or_owner",
"update_analytics_node": "rule:admin_or_owner",
"delete_analytics_node": "rule:admin_or_owner",
"list_route_tables": "rule:admin_or_owner",
"show_route_table": "rule:admin_or_owner",
"create_route_tables": "rule:admin_or_owner",
"update_route_table": "rule:admin_or_owner",
"delete_route_table": "rule:admin_or_owner",
"list_interface_route_tables": "rule:admin_or_owner",
"show_interface_route_table": "rule:admin_or_owner",
"create_interface_route_tables": "rule:admin_or_owner",
"update_interface_route_table": "rule:admin_or_owner",
"delete_interface_route_table": "rule:admin_or_owner",
"list_route_targets": "rule:admin_or_owner",
"show_route_target": "rule:admin_or_owner",
"create_route_targets": "rule:admin_or_owner",
"update_route_target": "rule:admin_or_owner",
"delete_route_target": "rule:admin_or_owner",
"list_route_aggregates": "rule:admin_or_owner",
"show_route_aggregate": "rule:admin_or_owner",
"create_route_aggregates": "rule:admin_or_owner",
"update_route_aggregate": "rule:admin_or_owner",
"delete_route_aggregate": "rule:admin_or_owner",
"fqname_to_id": "rule:admin_or_owner",
"id_to_fqname": "rule:admin_or_owner",
"list_fabric_namespaces": "rule:admin_or_owner",
"create_fabric_namespace": "rule:admin_or_owner",
"show_fabric_namespace": "rule:admin_or_owner",
"delete_fabric_namespace": "rule:admin_or_owner",
"update_fabric_namespace": "rule:admin_or_owner",
"list_virtual_machine_interfaces": "rule:admin_or_owner",
"create_virtual_machine_interfaces": "rule:admin_or_owner",
"show_virtual_machine_interface": "rule:admin_or_owner",
"delete_virtual_machine_interface": "rule:admin_or_owner",
"update_virtual_machine_interface": "rule:admin_or_owner",
"list_qos_configs": "rule:admin_or_owner",
"create_qos_configs": "rule:admin_or_owner",
"show_qos_config": "rule:admin_or_owner",
"delete_qos_config": "rule:admin_or_owner",
"update_qos_config": "rule:admin_or_owner",
"list_dsa_rules": "rule:admin_or_owner",
"show_dsa_rule": "rule:admin_or_owner",
"create_dsa_rules": "rule:admin_or_owner",
"update_dsa_rule": "rule:admin_or_owner",
"delete_dsa_rule": "rule:admin_or_owner",
"list_alarms": "rule:admin_or_owner",
"create_alarms": "rule:admin_or_owner",
"show_alarm": "rule:admin_or_owner",
"update_alarm": "rule:admin_or_owner",
"delete_alarm": "rule:admin_or_owner",
"list_load_balancers": "rule:admin_or_owner",
"create_load_balancers": "rule:admin_or_owner",
"show_load_balancer": "rule:admin_or_owner",
"update_load_balancer": "rule:admin_or_owner",
"delete_load_balancer": "rule:admin_or_owner",
"list_load_balancer_health_monitors": "rule:admin_or_owner",
"create_load_balancer_health_monitors": "rule:admin_or_owner",
"show_load_balancer_health_monitor": "rule:admin_or_owner",
"update_load_balancer_health_monitor": "rule:admin_or_owner",
"delete_load_balancer_health_monitor": "rule:admin_or_owner",
"list_load_balancer_listeners": "rule:admin_or_owner",
"create_load_balancer_listeners": "rule:admin_or_owner",
"show_load_balancer_listener": "rule:admin_or_owner",
"update_load_balancer_listener": "rule:admin_or_owner",
"delete_load_balancer_listener": "rule:admin_or_owner",
"list_load_balancer_pools": "rule:admin_or_owner",
"create_load_balancer_pools": "rule:admin_or_owner",
"show_load_balancer_pool": "rule:admin_or_owner",
"update_load_balancer_pool": "rule:admin_or_owner",
"delete_load_balancer_pool": "rule:admin_or_owner",
"list_load_balancer_members": "rule:admin_or_owner",
"create_load_balancer_members": "rule:admin_or_owner",
"show_load_balancer_member": "rule:admin_or_owner",
"update_load_balancer_member": "rule:admin_or_owner",
"delete_load_balancer_member": "rule:admin_or_owner",
"list_routing_instances": "rule:admin_or_owner",
"create_routing_instances": "rule:admin_or_owner",
"show_routing_instance": "rule:admin_or_owner",
"delete_routing_instance": "rule:admin_or_owner",
"update_routing_instance": "rule:admin_or_owner",
"list_service_templates": "rule:admin_or_owner",
"create_service_templates": "rule:admin_or_owner",
"show_service_template": "rule:admin_or_owner",
"update_service_template": "rule:admin_or_owner",
"delete_service_template": "rule:admin_or_owner",
"list_service_health_checks": "rule:admin_or_owner",
"create_service_health_checks": "rule:admin_or_owner",
"show_service_health_check": "rule:admin_or_owner",
"update_service_health_check": "rule:admin_or_owner",
"delete_service_health_check": "rule:admin_or_owner",
"create_service_instances": "rule:admin_or_owner",
"show_service_instance": "rule:admin_or_owner",
"delete_service_instance": "rule:admin_or_owner",
"list_service_instances": "rule:admin_or_owner",
"update_service_instance": "rule:admin_or_owner",
"list_network_ipams": "rule:admin_or_owner",
"create_network_ipams": "rule:admin_or_owner",
"show_network_ipam": "rule:admin_or_owner",
"delete_network_ipam": "rule:admin_or_owner",
"update_network_ipam": "rule:admin_or_owner",
"list_physical_routers": "rule:admin_or_owner",
"create_physical_routers": "rule:admin_or_owner",
"show_physical_router": "rule:admin_or_owner",
"update_physical_router": "rule:admin_or_owner",
"delete_physical_router": "rule:admin_or_owner",
"list_bgp_routers": "rule:admin_or_owner",
"create_bgp_routers": "rule:admin_or_owner",
"show_bgp_router": "rule:admin_or_owner",
"update_bgp_router": "rule:admin_or_owner",
"delete_bgp_router": "rule:admin_or_owner",
"list_global_vrouter_configs": "rule:admin_or_owner",
"create_global_vrouter_configs": "rule:admin_or_owner",
"show_global_vrouter_config": "rule:admin_or_owner",
"update_global_vrouter_config": "rule:admin_or_owner",
"delete_global_vrouter_config": "rule:admin_or_owner",
"list_logical_routers": "rule:admin_or_owner",
"create_logical_routers": "rule:admin_or_owner",
"show_logical_router": "rule:admin_or_owner",
"update_logical_router": "rule:admin_or_owner",
"delete_logical_router": "rule:admin_or_owner",
"list_virtual_routers": "rule:admin_or_owner",
"create_virtual_routers": "rule:admin_or_owner",
"show_virtual_router": "rule:admin_or_owner",
"update_virtual_router": "rule:admin_or_owner",
"delete_virtual_router": "rule:admin_or_owner"
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment