Define policies for accessing Watcher components

Registered by Antoine Cabot on 2016-01-19

Each OpenStack service, Identity, Compute, Networking and so on, has its own role-based access policies. They determine which user can access which objects in which way, and are defined in the service's policy.json file. The policy rule determines under which circumstances the API call is permitted. So, a cloud admin should be able to customize access rights on Watcher API.

Blueprint information

Status:
Complete
Approver:
Antoine Cabot
Priority:
Essential
Drafter:
Antoine Cabot
Direction:
Approved
Assignee:
Charlotte Han
Definition:
Approved
Series goal:
Accepted for newton
Implementation:
Implemented
Milestone target:
milestone icon newton-2
Started by
Antoine Cabot on 2016-06-28
Completed by
David TARDIVEL on 2016-07-13

Related branches

Sprints

Whiteboard

there is a WIP on policy evolution at the OpenStack level : https://review.openstack.org/#/c/245629/

Gerrit topic: https://review.openstack.org/#q,topic:bp/watcher-policies,n,z

Addressed by: https://review.openstack.org/334163
    Add policies for API access control to watcher project.

Addressed by: https://review.openstack.org/338305
    Add new documentation section for Watcher policies rules

Addressed by: https://review.openstack.org/339082
    [WIP]Add policies for API access control to watcher-dashboard project

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.

Subscribers

No subscribers.