summaryrefslogtreecommitdiffstats
path: root/deploy/adapters/ansible/roles/aodh/templates/policy.json.j2
diff options
context:
space:
mode:
Diffstat (limited to 'deploy/adapters/ansible/roles/aodh/templates/policy.json.j2')
-rw-r--r--deploy/adapters/ansible/roles/aodh/templates/policy.json.j220
1 files changed, 20 insertions, 0 deletions
diff --git a/deploy/adapters/ansible/roles/aodh/templates/policy.json.j2 b/deploy/adapters/ansible/roles/aodh/templates/policy.json.j2
new file mode 100644
index 00000000..4fd873e9
--- /dev/null
+++ b/deploy/adapters/ansible/roles/aodh/templates/policy.json.j2
@@ -0,0 +1,20 @@
+{
+ "context_is_admin": "role:admin",
+ "segregation": "rule:context_is_admin",
+ "admin_or_owner": "rule:context_is_admin or project_id:%(project_id)s",
+ "default": "rule:admin_or_owner",
+
+ "telemetry:get_alarm": "rule:admin_or_owner",
+ "telemetry:get_alarms": "rule:admin_or_owner",
+ "telemetry:query_alarm": "rule:admin_or_owner",
+
+ "telemetry:create_alarm": "",
+ "telemetry:change_alarm": "rule:admin_or_owner",
+ "telemetry:delete_alarm": "rule:admin_or_owner",
+
+ "telemetry:get_alarm_state": "rule:admin_or_owner",
+ "telemetry:change_alarm_state": "rule:admin_or_owner",
+
+ "telemetry:alarm_history": "rule:admin_or_owner",
+ "telemetry:query_alarm_history": "rule:admin_or_owner"
+}