Add the moon_orchestrator element.

Change-Id: I09712c0b6e8e7d17a765829a981280ca5fd8af75

1 files changed, 55 insertions, 0 deletions

diff --git a/moonv4/moon_orchestrator/conf/policies/policy_authz/assignment.json b/moonv4/moon_orchestrator/conf/policies/policy_authz/assignment.json
new file mode 100644
index 00000000..7a6c722e
--- /dev/null
+++ b/moonv4/moon_orchestrator/conf/policies/policy_authz/assignment.json
@@ -0,0 +1,55 @@
+{
+    "subject_assignments": {
+        "subject_security_level":{
+			"admin": ["high"],
+			"demo": ["medium"]
+        },
+		"domain":{
+			"admin": ["ft"],
+			"demo": ["xx"]
+        },
+		"role": {
+			"admin": ["admin"],
+			"demo": ["dev"]
+		}
+    },
+
+    "action_assignments": {
+        "resource_action":{
+			"pause": ["vm_admin"],
+			"unpause": ["vm_admin"],
+			"start": ["vm_admin"],
+			"stop": ["vm_admin"],
+			"list": ["vm_access", "vm_admin"],
+			"create": ["vm_admin"],
+			"storage_list": ["storage_access"],
+			"download": ["storage_access"],
+			"post": ["storage_admin"],
+			"upload": ["storage_admin"]
+        },
+		"access": {
+			"pause": ["write"],
+			"unpause": ["write"],
+			"start": ["write"],
+			"stop": ["write"],
+			"list": ["read"],
+			"create": ["write"],
+			"storage_list": ["read"],
+			"download": ["read"],
+			"post": ["write"],
+			"upload": ["write"]
+		}
+    },
+
+    "object_assignments": {
+        "object_security_level": {
+            "servers": ["low"]
+        },
+		"type": {
+			"servers": ["computing"]
+		},
+		"object_id": {
+			"servers": ["servers"]
+		}
+    }
+}