[oslo][keystone][nova] Spec for moving policy format default to YAML
Ghanshyam Mann
gmann at ghanshyammann.com
Thu Jun 4 17:17:02 UTC 2020
---- On Thu, 04 Jun 2020 10:57:00 -0500 Ben Nemec <openstack at nemebean.com> wrote ----
> One of the outcomes of the Oslo PTG session on Monday was that we need
> to make YAML the official default for olso.policy instead of just the
> unofficial default as it has been since policy-in-code happened. The
> reason this hasn't happened before now is that it is complex and fraught
> with security concerns, but the RBAC work going on now has made it clear
> that we need do it anyway.
>
> To that end, I've written a spec[0] that I believe captures the plan we
> outlined in the PTG session. If this is relevant to your interests,
> please take a look and leave feedback.
Thanks, Ben for composing the spec, I added one comment about warning on having
default rules in the file.
Also, we will be tracking this in policy-popup team also as these are the things to finish before other projects
ship the new policy.
-gmann
>
> Thanks.
>
> -Ben
>
> 0: https://review.opendev.org/733650
>
>
More information about the openstack-discuss
mailing list