diff options
Diffstat (limited to 'keystone-moon/examples/moon/policies/policy_rbac_authz')
6 files changed, 0 insertions, 105 deletions
diff --git a/keystone-moon/examples/moon/policies/policy_rbac_authz/assignment.json b/keystone-moon/examples/moon/policies/policy_rbac_authz/assignment.json deleted file mode 100644 index e804b56a..00000000 --- a/keystone-moon/examples/moon/policies/policy_rbac_authz/assignment.json +++ /dev/null @@ -1,28 +0,0 @@ -{ - "subject_assignments": { - "role":{ - "admin": ["admin" ] - } - }, - - "action_assignments": { - "computing_action":{ - "pause": ["vm_admin"], - "unpause": ["vm_admin"], - "start": ["vm_admin"], - "stop": ["vm_admin"], - "list": ["vm_access", "vm_admin"], - "create": ["vm_admin"] - }, - "storage_action":{ - "get": ["vm_access"], - "set": ["vm_access", "vm_admin"] - } - }, - - "object_assignments": { - "id": { - "servers": ["servers"] - } - } -} diff --git a/keystone-moon/examples/moon/policies/policy_rbac_authz/metadata.json b/keystone-moon/examples/moon/policies/policy_rbac_authz/metadata.json deleted file mode 100644 index 7f34ed7a..00000000 --- a/keystone-moon/examples/moon/policies/policy_rbac_authz/metadata.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "name": "MLS_metadata", - "model": "MLS", - "genre": "authz", - "description": "Multi Layer Security authorization policy", - - "subject_categories": [ - "role" - ], - - "action_categories": [ - "computing_action", - "storage_action" - ], - - "object_categories": [ - "id" - ] -} diff --git a/keystone-moon/examples/moon/policies/policy_rbac_authz/metarule.json b/keystone-moon/examples/moon/policies/policy_rbac_authz/metarule.json deleted file mode 100644 index ce828339..00000000 --- a/keystone-moon/examples/moon/policies/policy_rbac_authz/metarule.json +++ /dev/null @@ -1,12 +0,0 @@ -{ - "sub_meta_rules": { - "relation_super": { - "subject_categories": ["role"], - "action_categories": ["computing_action", "storage_action"], - "object_categories": ["id"], - "relation": "relation_super" - } - }, - "aggregation": "and_true_aggregation" -} - diff --git a/keystone-moon/examples/moon/policies/policy_rbac_authz/perimeter.json b/keystone-moon/examples/moon/policies/policy_rbac_authz/perimeter.json deleted file mode 100644 index 4bf88de7..00000000 --- a/keystone-moon/examples/moon/policies/policy_rbac_authz/perimeter.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "subjects": [ - "admin" - ], - "actions": [ - "pause", - "unpause", - "start", - "stop", - "create", - "list" - ], - "objects": [ - "servers" - ] -} diff --git a/keystone-moon/examples/moon/policies/policy_rbac_authz/rules.json b/keystone-moon/examples/moon/policies/policy_rbac_authz/rules.json deleted file mode 100644 index 7f9dc3bb..00000000 --- a/keystone-moon/examples/moon/policies/policy_rbac_authz/rules.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "relation_super":[ - ["admin", "vm_admin", "vm_admin", "servers"], - ["admin", "vm_access", "vm_access", "servers"] - ] -} diff --git a/keystone-moon/examples/moon/policies/policy_rbac_authz/scope.json b/keystone-moon/examples/moon/policies/policy_rbac_authz/scope.json deleted file mode 100644 index 34c5350a..00000000 --- a/keystone-moon/examples/moon/policies/policy_rbac_authz/scope.json +++ /dev/null @@ -1,24 +0,0 @@ -{ - "subject_category_scope": { - "role": [ - "admin" - ] - }, - - "action_category_scope": { - "computing_action": [ - "vm_access", - "vm_admin" - ], - "storage_action": [ - "vm_access", - "vm_admin" - ] - }, - - "object_category_scope": { - "id": [ - "servers" - ] - } -} |