diff options
Diffstat (limited to 'keystone-moon/examples/moon/policies/policy_authz/rules.json')
-rw-r--r-- | keystone-moon/examples/moon/policies/policy_authz/rules.json | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/keystone-moon/examples/moon/policies/policy_authz/rules.json b/keystone-moon/examples/moon/policies/policy_authz/rules.json new file mode 100644 index 00000000..73e791d7 --- /dev/null +++ b/keystone-moon/examples/moon/policies/policy_authz/rules.json @@ -0,0 +1,41 @@ +{ + "mls_rule":[ + ["high", "vm_admin", "medium"], + ["high", "vm_admin", "low"], + ["medium", "vm_admin", "low"], + ["high", "vm_access", "high"], + ["high", "vm_access", "medium"], + ["high", "vm_access", "low"], + ["medium", "vm_access", "medium"], + ["medium", "vm_access", "low"], + ["low", "vm_access", "low"] + ], + "dte_rule":[ + ["ft", "read", "computing"], + ["ft", "write", "computing"], + ["ft", "read", "storage"], + ["ft", "write", "storage"], + ["xx", "read", "storage"] + ], + "rbac_rule":[ + ["dev", "xx", "read", "servers"], + ["dev", "xx", "read", "vm1"], + ["dev", "xx", "read", "vm2"], + ["dev", "xx", "read", "file1"], + ["dev", "xx", "read", "file2"], + ["dev", "xx", "write", "vm1"], + ["dev", "xx", "write", "vm2"], + ["dev", "xx", "write", "file1"], + ["dev", "xx", "write", "file2"], + ["admin", "xx", "read", "servers"], + ["admin", "ft", "read", "servers"], + ["admin", "ft", "read", "vm1"], + ["admin", "ft", "read", "vm2"], + ["admin", "ft", "read", "file1"], + ["admin", "ft", "read", "file2"], + ["admin", "ft", "write", "vm1"], + ["admin", "ft", "write", "vm2"], + ["admin", "ft", "write", "file1"], + ["admin", "ft", "write", "file2"] + ] +} |