aboutsummaryrefslogtreecommitdiffstats
path: root/keystone-moon/etc/policies/policy_authz/scope.json
diff options
context:
space:
mode:
Diffstat (limited to 'keystone-moon/etc/policies/policy_authz/scope.json')
-rw-r--r--keystone-moon/etc/policies/policy_authz/scope.json49
1 files changed, 49 insertions, 0 deletions
diff --git a/keystone-moon/etc/policies/policy_authz/scope.json b/keystone-moon/etc/policies/policy_authz/scope.json
new file mode 100644
index 00000000..9b313daf
--- /dev/null
+++ b/keystone-moon/etc/policies/policy_authz/scope.json
@@ -0,0 +1,49 @@
+{
+ "subject_scopes": {
+ "role": [
+ "admin",
+ "dev"
+ ],
+ "subject_security_level": [
+ "high",
+ "medium",
+ "low"
+ ],
+ "domain": [
+ "ft",
+ "xx"
+ ]
+ },
+
+ "action_scopes": {
+ "resource_action": [
+ "vm_admin",
+ "vm_access",
+ "storage_admin",
+ "storage_access"
+ ],
+ "access": [
+ "write",
+ "read"
+ ]
+ },
+
+ "object_scopes": {
+ "object_security_level": [
+ "high",
+ "medium",
+ "low"
+ ],
+ "type": [
+ "computing",
+ "storage"
+ ],
+ "object_id": [
+ "servers",
+ "vm1",
+ "vm2",
+ "file1",
+ "file2"
+ ]
+ }
+}