aboutsummaryrefslogtreecommitdiffstats
path: root/keystone-moon/examples/moon/policies/policy_authz/rule.json
diff options
context:
space:
mode:
Diffstat (limited to 'keystone-moon/examples/moon/policies/policy_authz/rule.json')
-rw-r--r--keystone-moon/examples/moon/policies/policy_authz/rule.json41
1 files changed, 41 insertions, 0 deletions
diff --git a/keystone-moon/examples/moon/policies/policy_authz/rule.json b/keystone-moon/examples/moon/policies/policy_authz/rule.json
new file mode 100644
index 00000000..73e791d7
--- /dev/null
+++ b/keystone-moon/examples/moon/policies/policy_authz/rule.json
@@ -0,0 +1,41 @@
+{
+ "mls_rule":[
+ ["high", "vm_admin", "medium"],
+ ["high", "vm_admin", "low"],
+ ["medium", "vm_admin", "low"],
+ ["high", "vm_access", "high"],
+ ["high", "vm_access", "medium"],
+ ["high", "vm_access", "low"],
+ ["medium", "vm_access", "medium"],
+ ["medium", "vm_access", "low"],
+ ["low", "vm_access", "low"]
+ ],
+ "dte_rule":[
+ ["ft", "read", "computing"],
+ ["ft", "write", "computing"],
+ ["ft", "read", "storage"],
+ ["ft", "write", "storage"],
+ ["xx", "read", "storage"]
+ ],
+ "rbac_rule":[
+ ["dev", "xx", "read", "servers"],
+ ["dev", "xx", "read", "vm1"],
+ ["dev", "xx", "read", "vm2"],
+ ["dev", "xx", "read", "file1"],
+ ["dev", "xx", "read", "file2"],
+ ["dev", "xx", "write", "vm1"],
+ ["dev", "xx", "write", "vm2"],
+ ["dev", "xx", "write", "file1"],
+ ["dev", "xx", "write", "file2"],
+ ["admin", "xx", "read", "servers"],
+ ["admin", "ft", "read", "servers"],
+ ["admin", "ft", "read", "vm1"],
+ ["admin", "ft", "read", "vm2"],
+ ["admin", "ft", "read", "file1"],
+ ["admin", "ft", "read", "file2"],
+ ["admin", "ft", "write", "vm1"],
+ ["admin", "ft", "write", "vm2"],
+ ["admin", "ft", "write", "file1"],
+ ["admin", "ft", "write", "file2"]
+ ]
+}