[openstack-dev] [telemetry][ceilometer][gnocchi] RBAC for attributes in resource

Julien Danjou julien at danjou.info
Fri Jun 23 08:14:47 UTC 2017

On Fri, Jun 23 2017, Deepthi V V wrote:

> Current gnocchi code supports RBAC at operation level [gnocchi/gnocchi/rest/policy.json].
> Is it possible to add RBAC for attributes in a resource?
> For eg: Restrict resource search/show should display specific attributes only
> when query is performed by resource creator or admin.

oslo.policy does not have such a capability, so this is done by auth

They are picked by the `api.auth_mode' setting.

Feel free to send patches or write a new one if you prefer.

Julien Danjou
/* Free Software hacker
   https://julien.danjou.info */
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 800 bytes
Desc: not available
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20170623/a1617675/attachment.sig>

More information about the OpenStack-dev mailing list