Created
January 16, 2019 14:31
-
-
Save michalskalski/bfe641726f53e4afc92e9ebd4c32ca66 to your computer and use it in GitHub Desktop.
Contrail policy.json
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "context_is_admin": "role:admin", | |
| "admin_or_owner": "is_admin:True or project_id:%(project_id)s", | |
| "default": "rule:admin_or_owner", | |
| "list_subnets": "rule:admin_or_owner", | |
| "create_subnets": "rule:admin_or_owner", | |
| "show_subnet": "rule:admin_or_owner", | |
| "update_subnet": "rule:admin_or_owner", | |
| "delete_subnet": "rule:admin_or_owner", | |
| "list_virtual_DNSs": "rule:admin_or_owner", | |
| "create_virtual_DNSs": "rule:admin_or_owner", | |
| "show_virtual_DNS": "rule:admin_or_owner", | |
| "delete_virtual_DNS": "rule:admin_or_owner", | |
| "update_virtual_DNS": "rule:admin_or_owner", | |
| "list_virtual_DNS_records": "rule:admin_or_owner", | |
| "create_virtual_DNS_records": "rule:admin_or_owner", | |
| "show_virtual_DNS_record": "rule:admin_or_owner", | |
| "delete_virtual_DNS_record": "rule:admin_or_owner", | |
| "update_virtual_DNS_record": "rule:admin_or_owner", | |
| "list_namespaces": "rule:admin_or_owner", | |
| "create_namespaces": "rule:admin_or_owner", | |
| "show_namespace": "rule:admin_or_owner", | |
| "update_namespace": "rule:admin_or_owner", | |
| "delete_namespace": "rule:admin_or_owner", | |
| "list_alias_ips": "rule:admin_or_owner", | |
| "create_alias_ips": "rule:admin_or_owner", | |
| "show_alias_ip": "rule:admin_or_owner", | |
| "update_alias_ip": "rule:admin_or_owner", | |
| "delete_alias_ip": "rule:admin_or_owner", | |
| "list_alias_ip_pools": "rule:admin_or_owner", | |
| "create_alias_ip_pools": "rule:admin_or_owner", | |
| "show_alias_ip_pool": "rule:admin_or_owner", | |
| "update_alias_ip_pool": "rule:admin_or_owner", | |
| "delete_alias_ip_pool": "rule:admin_or_owner", | |
| "list_port_tuples": "rule:admin_or_owner", | |
| "show_port_tuple": "rule:admin_or_owner", | |
| "create_port_tuples": "rule:admin_or_owner", | |
| "update_port_tuple": "rule:admin_or_owner", | |
| "delete_port_tuple": "rule:admin_or_owner", | |
| "list_api_access_lists": "rule:admin_or_owner", | |
| "create_api_access_lists": "rule:admin_or_owner", | |
| "show_api_access_list": "rule:admin_or_owner", | |
| "update_api_access_list": "rule:admin_or_owner", | |
| "delete_api_access_list": "rule:admin_or_owner", | |
| "list_access_control_lists": "rule:admin_or_owner", | |
| "create_access_control_lists": "rule:admin_or_owner", | |
| "show_access_control_list": "rule:admin_or_owner", | |
| "update_access_control_list": "rule:admin_or_owner", | |
| "delete_access_control_list": "rule:admin_or_owner", | |
| "list_domains": "rule:admin_or_owner", | |
| "create_domains": "rule:admin_or_owner", | |
| "show_domain": "rule:admin_or_owner", | |
| "update_domain": "rule:admin_or_owner", | |
| "delete_domain": "rule:admin_or_owner", | |
| "list_database_nodes": "rule:admin_or_owner", | |
| "show_database_node": "rule:admin_or_owner", | |
| "create_database_nodes": "rule:admin_or_owner", | |
| "update_database_node": "rule:admin_or_owner", | |
| "delete_database_node": "rule:admin_or_owner", | |
| "list_fabrics": "rule:admin_or_owner", | |
| "create_fabric": "rule:admin_or_owner", | |
| "show_fabric": "rule:admin_or_owner", | |
| "delete_fabric": "rule:admin_or_owner", | |
| "update_fabric": "rule:admin_or_owner", | |
| "list_physical_interfaces": "rule:admin_or_owner", | |
| "create_physical_interfaces": "rule:admin_or_owner", | |
| "update_physical_interface": "rule:admin_or_owner", | |
| "delete_physical_interface": "rule:admin_or_owner", | |
| "show_physical_interface": "rule:admin_or_owner", | |
| "list_logical_interfaces": "rule:admin_or_owner", | |
| "create_logical_interfaces": "rule:admin_or_owner", | |
| "update_logical_interface": "rule:admin_or_owner", | |
| "delete_logical_interface": "rule:admin_or_owner", | |
| "show_logical_interface": "rule:admin_or_owner", | |
| "list_projects": "rule:admin_or_owner", | |
| "create_projects": "rule:admin_or_owner", | |
| "show_project": "rule:admin_or_owner", | |
| "update_project": "rule:admin_or_owner", | |
| "delete_project": "rule:admin_or_owner", | |
| "list_provider_attachments": "rule:admin_or_owner", | |
| "create_provider_attachments": "rule:admin_or_owner", | |
| "show_provider_attachment": "rule:admin_or_owner", | |
| "update_provider_attachment": "rule:admin_or_owner", | |
| "delete_provider_attachment": "rule:admin_or_owner", | |
| "list_customer_attachments": "rule:admin_or_owner", | |
| "create_customer_attachments": "rule:admin_or_owner", | |
| "show_customer_attachment": "rule:admin_or_owner", | |
| "update_customer_attachment": "rule:admin_or_owner", | |
| "delete_customer_attachment": "rule:admin_or_owner", | |
| "list_virtual_networks": "rule:admin_or_owner", | |
| "create_virtual_networks": "rule:admin_or_owner", | |
| "update_virtual_network": "rule:admin_or_owner", | |
| "delete_virtual_network": "rule:admin_or_owner", | |
| "show_virtual_network": "rule:admin_or_owner", | |
| "list_routing_policys": "rule:admin_or_owner", | |
| "create_routing_policys": "rule:admin_or_owner", | |
| "show_routing_policy": "rule:admin_or_owner", | |
| "update_routing_policy": "rule:admin_or_owner", | |
| "delete_routing_policy": "rule:admin_or_owner", | |
| "list_virtual_ips": "rule:admin_or_owner", | |
| "create_virtual_ips": "rule:admin_or_owner", | |
| "show_virtual_ip": "rule:admin_or_owner", | |
| "update_virtual_ip": "rule:admin_or_owner", | |
| "delete_virtual_ip": "rule:admin_or_owner", | |
| "list_bgp_as_a_services": "rule:admin_or_owner", | |
| "create_bgp_as_a_services": "rule:admin_or_owner", | |
| "show_bgp_as_a_service": "rule:admin_or_owner", | |
| "delete_bgp_as_a_service": "rule:admin_or_owner", | |
| "update_bgp_as_a_service": "rule:admin_or_owner", | |
| "list_config_nodes": "rule:admin_or_owner", | |
| "create_config_nodes": "rule:admin_or_owner", | |
| "delete_config_node": "rule:admin_or_owner", | |
| "show_config_node": "rule:admin_or_owner", | |
| "update_config_node": "rule:admin_or_owner", | |
| "create_config_roots": "rule:admin_or_owner", | |
| "delete_config_root": "rule:admin_or_owner", | |
| "show_config_root": "rule:admin_or_owner", | |
| "update_config_root": "rule:admin_or_owner", | |
| "list_config_roots": "rule:admin_or_owner", | |
| "list_global_system_configs": "rule:admin_or_owner", | |
| "create_global_system_configs": "rule:admin_or_owner", | |
| "show_global_system_config": "rule:admin_or_owner", | |
| "update_global_system_config": "rule:admin_or_owner", | |
| "delete_global_system_config": "rule:admin_or_owner", | |
| "list_network_policys": "rule:admin_or_owner", | |
| "create_network_policys": "rule:admin_or_owner", | |
| "show_network_policy": "rule:admin_or_owner", | |
| "update_network_policy": "rule:admin_or_owner", | |
| "delete_network_policy": "rule:admin_or_owner", | |
| "list_instance_ips": "rule:admin_or_owner", | |
| "create_instance_ips": "rule:admin_or_owner", | |
| "show_instance_ip": "rule:admin_or_owner", | |
| "update_instance_ip": "rule:admin_or_owner", | |
| "delete_instance_ip": "rule:admin_or_owner", | |
| "list_service_appliances": "rule:admin_or_owner", | |
| "create_service_appliances": "rule:admin_or_owner", | |
| "show_service_appliance": "rule:admin_or_owner", | |
| "update_service_appliance": "rule:admin_or_owner", | |
| "delete_service_appliance": "rule:admin_or_owner", | |
| "list_service_appliance_sets": "rule:admin_or_owner", | |
| "create_service_appliance_sets": "rule:admin_or_owner", | |
| "show_service_appliance_set": "rule:admin_or_owner", | |
| "update_service_appliance_set": "rule:admin_or_owner", | |
| "delete_service_appliance_set": "rule:admin_or_owner", | |
| "list_global_qos_configs": "rule:admin_or_owner", | |
| "create_global_qos_configs": "rule:admin_or_owner", | |
| "show_global_qos_config": "rule:admin_or_owner", | |
| "update_global_qos_config": "rule:admin_or_owner", | |
| "delete_global_qos_config": "rule:admin_or_owner", | |
| "create_floating_ip_pools": "rule:admin_or_owner", | |
| "list_floating_ip_pools": "rule:admin_or_owner", | |
| "show_floating_ip_pool": "rule:admin_or_owner", | |
| "update_floating_ip_pool": "rule:admin_or_owner", | |
| "delete_floating_ip_pool": "rule:admin_or_owner", | |
| "create_floating_ips": "rule:admin_or_owner", | |
| "list_floating_ips": "rule:admin_or_owner", | |
| "show_floating_ip": "rule:admin_or_owner", | |
| "update_floating_ip": "rule:admin_or_owner", | |
| "delete_floating_ip": "rule:admin_or_owner", | |
| "list_forwarding_classs": "rule:admin_or_owner", | |
| "show_forwarding_class": "rule:admin_or_owner", | |
| "create_forwarding_classs": "rule:admin_or_owner", | |
| "update_forwarding_class": "rule:admin_or_owner", | |
| "delete_forwarding_class": "rule:admin_or_owner", | |
| "list_discovery_service_assignments": "rule:admin_or_owner", | |
| "create_discovery_service_assignments": "rule:admin_or_owner", | |
| "show_discovery_service_assignment": "rule:admin_or_owner", | |
| "update_discovery_service_assignment": "rule:admin_or_owner", | |
| "delete_discovery_service_assignment": "rule:admin_or_owner", | |
| "list_qos_queues": "rule:admin_or_owner", | |
| "create_qos_queues": "rule:admin_or_owner", | |
| "show_qos_queue": "rule:admin_or_owner", | |
| "delete_qos_queue": "rule:admin_or_owner", | |
| "update_qos_queue": "rule:admin_or_owner", | |
| "list_security_groups": "rule:admin_or_owner", | |
| "show_security_group": "rule:admin_or_owner", | |
| "delete_security_group": "rule:admin_or_owner", | |
| "create_security_groups": "rule:admin_or_owner", | |
| "update_security_group": "rule:admin_or_owner", | |
| "list_analytics_nodes": "rule:admin_or_owner", | |
| "show_analytics_node": "rule:admin_or_owner", | |
| "create_analytics_nodes": "rule:admin_or_owner", | |
| "update_analytics_node": "rule:admin_or_owner", | |
| "delete_analytics_node": "rule:admin_or_owner", | |
| "list_route_tables": "rule:admin_or_owner", | |
| "show_route_table": "rule:admin_or_owner", | |
| "create_route_tables": "rule:admin_or_owner", | |
| "update_route_table": "rule:admin_or_owner", | |
| "delete_route_table": "rule:admin_or_owner", | |
| "list_interface_route_tables": "rule:admin_or_owner", | |
| "show_interface_route_table": "rule:admin_or_owner", | |
| "create_interface_route_tables": "rule:admin_or_owner", | |
| "update_interface_route_table": "rule:admin_or_owner", | |
| "delete_interface_route_table": "rule:admin_or_owner", | |
| "list_route_targets": "rule:admin_or_owner", | |
| "show_route_target": "rule:admin_or_owner", | |
| "create_route_targets": "rule:admin_or_owner", | |
| "update_route_target": "rule:admin_or_owner", | |
| "delete_route_target": "rule:admin_or_owner", | |
| "list_route_aggregates": "rule:admin_or_owner", | |
| "show_route_aggregate": "rule:admin_or_owner", | |
| "create_route_aggregates": "rule:admin_or_owner", | |
| "update_route_aggregate": "rule:admin_or_owner", | |
| "delete_route_aggregate": "rule:admin_or_owner", | |
| "fqname_to_id": "rule:admin_or_owner", | |
| "id_to_fqname": "rule:admin_or_owner", | |
| "list_fabric_namespaces": "rule:admin_or_owner", | |
| "create_fabric_namespace": "rule:admin_or_owner", | |
| "show_fabric_namespace": "rule:admin_or_owner", | |
| "delete_fabric_namespace": "rule:admin_or_owner", | |
| "update_fabric_namespace": "rule:admin_or_owner", | |
| "list_virtual_machine_interfaces": "rule:admin_or_owner", | |
| "create_virtual_machine_interfaces": "rule:admin_or_owner", | |
| "show_virtual_machine_interface": "rule:admin_or_owner", | |
| "delete_virtual_machine_interface": "rule:admin_or_owner", | |
| "update_virtual_machine_interface": "rule:admin_or_owner", | |
| "list_qos_configs": "rule:admin_or_owner", | |
| "create_qos_configs": "rule:admin_or_owner", | |
| "show_qos_config": "rule:admin_or_owner", | |
| "delete_qos_config": "rule:admin_or_owner", | |
| "update_qos_config": "rule:admin_or_owner", | |
| "list_dsa_rules": "rule:admin_or_owner", | |
| "show_dsa_rule": "rule:admin_or_owner", | |
| "create_dsa_rules": "rule:admin_or_owner", | |
| "update_dsa_rule": "rule:admin_or_owner", | |
| "delete_dsa_rule": "rule:admin_or_owner", | |
| "list_alarms": "rule:admin_or_owner", | |
| "create_alarms": "rule:admin_or_owner", | |
| "show_alarm": "rule:admin_or_owner", | |
| "update_alarm": "rule:admin_or_owner", | |
| "delete_alarm": "rule:admin_or_owner", | |
| "list_load_balancers": "rule:admin_or_owner", | |
| "create_load_balancers": "rule:admin_or_owner", | |
| "show_load_balancer": "rule:admin_or_owner", | |
| "update_load_balancer": "rule:admin_or_owner", | |
| "delete_load_balancer": "rule:admin_or_owner", | |
| "list_load_balancer_health_monitors": "rule:admin_or_owner", | |
| "create_load_balancer_health_monitors": "rule:admin_or_owner", | |
| "show_load_balancer_health_monitor": "rule:admin_or_owner", | |
| "update_load_balancer_health_monitor": "rule:admin_or_owner", | |
| "delete_load_balancer_health_monitor": "rule:admin_or_owner", | |
| "list_load_balancer_listeners": "rule:admin_or_owner", | |
| "create_load_balancer_listeners": "rule:admin_or_owner", | |
| "show_load_balancer_listener": "rule:admin_or_owner", | |
| "update_load_balancer_listener": "rule:admin_or_owner", | |
| "delete_load_balancer_listener": "rule:admin_or_owner", | |
| "list_load_balancer_pools": "rule:admin_or_owner", | |
| "create_load_balancer_pools": "rule:admin_or_owner", | |
| "show_load_balancer_pool": "rule:admin_or_owner", | |
| "update_load_balancer_pool": "rule:admin_or_owner", | |
| "delete_load_balancer_pool": "rule:admin_or_owner", | |
| "list_load_balancer_members": "rule:admin_or_owner", | |
| "create_load_balancer_members": "rule:admin_or_owner", | |
| "show_load_balancer_member": "rule:admin_or_owner", | |
| "update_load_balancer_member": "rule:admin_or_owner", | |
| "delete_load_balancer_member": "rule:admin_or_owner", | |
| "list_routing_instances": "rule:admin_or_owner", | |
| "create_routing_instances": "rule:admin_or_owner", | |
| "show_routing_instance": "rule:admin_or_owner", | |
| "delete_routing_instance": "rule:admin_or_owner", | |
| "update_routing_instance": "rule:admin_or_owner", | |
| "list_service_templates": "rule:admin_or_owner", | |
| "create_service_templates": "rule:admin_or_owner", | |
| "show_service_template": "rule:admin_or_owner", | |
| "update_service_template": "rule:admin_or_owner", | |
| "delete_service_template": "rule:admin_or_owner", | |
| "list_service_health_checks": "rule:admin_or_owner", | |
| "create_service_health_checks": "rule:admin_or_owner", | |
| "show_service_health_check": "rule:admin_or_owner", | |
| "update_service_health_check": "rule:admin_or_owner", | |
| "delete_service_health_check": "rule:admin_or_owner", | |
| "create_service_instances": "rule:admin_or_owner", | |
| "show_service_instance": "rule:admin_or_owner", | |
| "delete_service_instance": "rule:admin_or_owner", | |
| "list_service_instances": "rule:admin_or_owner", | |
| "update_service_instance": "rule:admin_or_owner", | |
| "list_network_ipams": "rule:admin_or_owner", | |
| "create_network_ipams": "rule:admin_or_owner", | |
| "show_network_ipam": "rule:admin_or_owner", | |
| "delete_network_ipam": "rule:admin_or_owner", | |
| "update_network_ipam": "rule:admin_or_owner", | |
| "list_physical_routers": "rule:admin_or_owner", | |
| "create_physical_routers": "rule:admin_or_owner", | |
| "show_physical_router": "rule:admin_or_owner", | |
| "update_physical_router": "rule:admin_or_owner", | |
| "delete_physical_router": "rule:admin_or_owner", | |
| "list_bgp_routers": "rule:admin_or_owner", | |
| "create_bgp_routers": "rule:admin_or_owner", | |
| "show_bgp_router": "rule:admin_or_owner", | |
| "update_bgp_router": "rule:admin_or_owner", | |
| "delete_bgp_router": "rule:admin_or_owner", | |
| "list_global_vrouter_configs": "rule:admin_or_owner", | |
| "create_global_vrouter_configs": "rule:admin_or_owner", | |
| "show_global_vrouter_config": "rule:admin_or_owner", | |
| "update_global_vrouter_config": "rule:admin_or_owner", | |
| "delete_global_vrouter_config": "rule:admin_or_owner", | |
| "list_logical_routers": "rule:admin_or_owner", | |
| "create_logical_routers": "rule:admin_or_owner", | |
| "show_logical_router": "rule:admin_or_owner", | |
| "update_logical_router": "rule:admin_or_owner", | |
| "delete_logical_router": "rule:admin_or_owner", | |
| "list_virtual_routers": "rule:admin_or_owner", | |
| "create_virtual_routers": "rule:admin_or_owner", | |
| "show_virtual_router": "rule:admin_or_owner", | |
| "update_virtual_router": "rule:admin_or_owner", | |
| "delete_virtual_router": "rule:admin_or_owner" | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment