Ironic Inspector Policy

Ironic Inspector Policy

The following is a sample ironic-inspector policy file, autogenerated from Ironic Inspector when this documentation is built. To avoid issues, make sure your version of ironic-inspector matches that of the example policy file.

The sample policy can also be downloaded as a file.

# Full read/write API access
#"is_admin": "role:admin or role:administrator or role:baremetal_admin"

# Read-only API access
#"is_observer": "role:baremetal_observer"

# Internal flag for public API routes
#"public_api": "is_public_api:True"

# Default API access policy
#"default": "!"

# Access the API root for available versions information
# GET  /
#"introspection": "rule:public_api"

# Access the versioned API root for version information
# GET  /{version}
#"introspection:version": "rule:public_api"

# Ramdisk callback to continue introspection
# POST  /continue
#"introspection:continue": "rule:public_api"

# Get introspection status
# GET  /introspection
# GET  /introspection/{node_id}
#"introspection:status": "rule:is_admin or rule:is_observer"

# Start introspection
# POST  /introspection/{node_id}
#"introspection:start": "rule:is_admin"

# Abort introspection
# POST  /introspection/{node_id}/abort
#"introspection:abort": "rule:is_admin"

# Get introspection data
# GET  /introspection/{node_id}/data
#"introspection:data": "rule:is_admin"

# Reapply introspection on stored data
# POST  /introspection/{node_id}/data/unprocessed
#"introspection:reapply": "rule:is_admin"

# Get introspection rule(s)
# GET  /rules
# GET  /rules/{rule_id}
#"introspection:rule:get": "rule:is_admin"

# Delete introspection rule(s)
# DELETE  /rules
# DELETE  /rules/{rule_id}
#"introspection:rule:delete": "rule:is_admin"

# Create introspection rule
# POST  /rules
#"introspection:rule:create": "rule:is_admin"

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.