From 1100c66ce03a059ebe7ece9734e799b49b3a5a9e Mon Sep 17 00:00:00 2001
From: WuKong
Date: Sat, 23 Dec 2017 21:49:35 +0100
Subject: moonv4 cleanup
Change-Id: Icef927f3236d985ac13ff7376f6ce6314b2b39b0
Signed-off-by: WuKong
---
.../conf/policies/policy_authz/assignment.json | 55 ----------------------
.../conf/policies/policy_authz/metadata.json | 23 ---------
.../conf/policies/policy_authz/metarule.json | 24 ----------
.../conf/policies/policy_authz/perimeter.json | 21 ---------
.../conf/policies/policy_authz/rule.json | 25 ----------
.../conf/policies/policy_authz/scope.json | 49 -------------------
6 files changed, 197 deletions(-)
delete mode 100644 moonv4/moon_orchestrator/conf/policies/policy_authz/assignment.json
delete mode 100644 moonv4/moon_orchestrator/conf/policies/policy_authz/metadata.json
delete mode 100644 moonv4/moon_orchestrator/conf/policies/policy_authz/metarule.json
delete mode 100644 moonv4/moon_orchestrator/conf/policies/policy_authz/perimeter.json
delete mode 100644 moonv4/moon_orchestrator/conf/policies/policy_authz/rule.json
delete mode 100644 moonv4/moon_orchestrator/conf/policies/policy_authz/scope.json
(limited to 'moonv4/moon_orchestrator/conf/policies/policy_authz')
diff --git a/moonv4/moon_orchestrator/conf/policies/policy_authz/assignment.json b/moonv4/moon_orchestrator/conf/policies/policy_authz/assignment.json
deleted file mode 100644
index 7a6c722e..00000000
--- a/moonv4/moon_orchestrator/conf/policies/policy_authz/assignment.json
+++ /dev/null
@@ -1,55 +0,0 @@
-{
- "subject_assignments": {
- "subject_security_level":{
- "admin": ["high"],
- "demo": ["medium"]
- },
- "domain":{
- "admin": ["ft"],
- "demo": ["xx"]
- },
- "role": {
- "admin": ["admin"],
- "demo": ["dev"]
- }
- },
-
- "action_assignments": {
- "resource_action":{
- "pause": ["vm_admin"],
- "unpause": ["vm_admin"],
- "start": ["vm_admin"],
- "stop": ["vm_admin"],
- "list": ["vm_access", "vm_admin"],
- "create": ["vm_admin"],
- "storage_list": ["storage_access"],
- "download": ["storage_access"],
- "post": ["storage_admin"],
- "upload": ["storage_admin"]
- },
- "access": {
- "pause": ["write"],
- "unpause": ["write"],
- "start": ["write"],
- "stop": ["write"],
- "list": ["read"],
- "create": ["write"],
- "storage_list": ["read"],
- "download": ["read"],
- "post": ["write"],
- "upload": ["write"]
- }
- },
-
- "object_assignments": {
- "object_security_level": {
- "servers": ["low"]
- },
- "type": {
- "servers": ["computing"]
- },
- "object_id": {
- "servers": ["servers"]
- }
- }
-}
diff --git a/moonv4/moon_orchestrator/conf/policies/policy_authz/metadata.json b/moonv4/moon_orchestrator/conf/policies/policy_authz/metadata.json
deleted file mode 100644
index 21a99eb2..00000000
--- a/moonv4/moon_orchestrator/conf/policies/policy_authz/metadata.json
+++ /dev/null
@@ -1,23 +0,0 @@
-{
- "name": "Simple_Policy",
- "genre": "authz",
- "description": "Simple Security Policy",
- "pdp_pipeline": ["authz:rbac_rule", "authz:mls_rule"],
-
- "subject_categories": [
- "subject_security_level",
- "domain",
- "role"
- ],
-
- "action_categories": [
- "resource_action",
- "access"
- ],
-
- "object_categories": [
- "object_security_level",
- "type",
- "object_id"
- ]
-}
diff --git a/moonv4/moon_orchestrator/conf/policies/policy_authz/metarule.json b/moonv4/moon_orchestrator/conf/policies/policy_authz/metarule.json
deleted file mode 100644
index c9afd6c2..00000000
--- a/moonv4/moon_orchestrator/conf/policies/policy_authz/metarule.json
+++ /dev/null
@@ -1,24 +0,0 @@
-{
- "sub_meta_rules": {
- "mls_rule": {
- "subject_categories": ["subject_security_level"],
- "action_categories": ["resource_action"],
- "object_categories": ["object_security_level"],
- "algorithm": "inclusion"
- },
- "dte_rule": {
- "subject_categories": ["domain"],
- "action_categories": ["access"],
- "object_categories": ["type"],
- "algorithm": "inclusion"
- },
- "rbac_rule": {
- "subject_categories": ["role", "domain"],
- "action_categories": ["access"],
- "object_categories": ["object_id"],
- "algorithm": "inclusion"
- }
- },
- "aggregation": "all_true"
-}
-
diff --git a/moonv4/moon_orchestrator/conf/policies/policy_authz/perimeter.json b/moonv4/moon_orchestrator/conf/policies/policy_authz/perimeter.json
deleted file mode 100644
index 47a8ee45..00000000
--- a/moonv4/moon_orchestrator/conf/policies/policy_authz/perimeter.json
+++ /dev/null
@@ -1,21 +0,0 @@
-{
- "subjects": [
- "admin",
- "demo"
- ],
- "actions": [
- "pause",
- "unpause",
- "start",
- "stop",
- "create",
- "list",
- "upload",
- "download",
- "post",
- "storage_list"
- ],
- "objects": [
- "servers"
- ]
-}
diff --git a/moonv4/moon_orchestrator/conf/policies/policy_authz/rule.json b/moonv4/moon_orchestrator/conf/policies/policy_authz/rule.json
deleted file mode 100644
index 25f9d93a..00000000
--- a/moonv4/moon_orchestrator/conf/policies/policy_authz/rule.json
+++ /dev/null
@@ -1,25 +0,0 @@
-{
- "mls_rule":[
- ["high", "vm_admin", "medium"],
- ["high", "vm_admin", "low"],
- ["medium", "vm_admin", "low"],
- ["high", "vm_access", "high"],
- ["high", "vm_access", "medium"],
- ["high", "vm_access", "low"],
- ["medium", "vm_access", "medium"],
- ["medium", "vm_access", "low"],
- ["low", "vm_access", "low"]
- ],
- "dte_rule":[
- ["ft", "read", "computing"],
- ["ft", "write", "computing"],
- ["ft", "read", "storage"],
- ["ft", "write", "storage"],
- ["xx", "read", "storage"]
- ],
- "rbac_rule":[
- ["dev", "xx", "read", "servers"],
- ["admin", "xx", "read", "servers"],
- ["admin", "ft", "read", "servers"]
- ]
-}
diff --git a/moonv4/moon_orchestrator/conf/policies/policy_authz/scope.json b/moonv4/moon_orchestrator/conf/policies/policy_authz/scope.json
deleted file mode 100644
index 9b313daf..00000000
--- a/moonv4/moon_orchestrator/conf/policies/policy_authz/scope.json
+++ /dev/null
@@ -1,49 +0,0 @@
-{
- "subject_scopes": {
- "role": [
- "admin",
- "dev"
- ],
- "subject_security_level": [
- "high",
- "medium",
- "low"
- ],
- "domain": [
- "ft",
- "xx"
- ]
- },
-
- "action_scopes": {
- "resource_action": [
- "vm_admin",
- "vm_access",
- "storage_admin",
- "storage_access"
- ],
- "access": [
- "write",
- "read"
- ]
- },
-
- "object_scopes": {
- "object_security_level": [
- "high",
- "medium",
- "low"
- ],
- "type": [
- "computing",
- "storage"
- ],
- "object_id": [
- "servers",
- "vm1",
- "vm2",
- "file1",
- "file2"
- ]
- }
-}
-- cgit 1.2.3-korg