Placement Policies¶
Warning
JSON formatted policy file is deprecated since Placement 5.0.0 (Wallaby). The oslopolicy-convert-json-to-yaml tool will migrate your existing JSON-formatted policy file to YAML in a backward-compatible way.
The following is an overview of all available policies in Placement. For a sample configuration file, refer to Sample Placement Policy File.
placement¶
admin_api- Default
role:admin- Scope Types
system
Default rule for most placement APIs.
system_admin_api- Default
role:admin and system_scope:all
Default rule for System Admin APIs.
system_reader_api- Default
role:reader and system_scope:all
Default rule for System level read only APIs.
project_reader_api- Default
role:reader and project_id:%(project_id)s
Default rule for Project level read only APIs.
system_or_project_reader- Default
rule:system_reader_api or rule:project_reader_api
Default rule for System+Project read only APIs.
placement:resource_providers:list- Default
rule:system_reader_api- Operations
GET
/resource_providers
- Scope Types
system
List resource providers.
placement:resource_providers:create- Default
rule:system_admin_api- Operations
POST
/resource_providers
- Scope Types
system
Create resource provider.
placement:resource_providers:show- Default
rule:system_reader_api- Operations
GET
/resource_providers/{uuid}
- Scope Types
system
Show resource provider.
placement:resource_providers:update- Default
rule:system_admin_api- Operations
PUT
/resource_providers/{uuid}
- Scope Types
system
Update resource provider.
placement:resource_providers:delete- Default
rule:system_admin_api- Operations
DELETE
/resource_providers/{uuid}
- Scope Types
system
Delete resource provider.
placement:resource_classes:list- Default
rule:system_reader_api- Operations
GET
/resource_classes
- Scope Types
system
List resource classes.
placement:resource_classes:create- Default
rule:system_admin_api- Operations
POST
/resource_classes
- Scope Types
system
Create resource class.
placement:resource_classes:show- Default
rule:system_reader_api- Operations
GET
/resource_classes/{name}
- Scope Types
system
Show resource class.
placement:resource_classes:update- Default
rule:system_admin_api- Operations
PUT
/resource_classes/{name}
- Scope Types
system
Update resource class.
placement:resource_classes:delete- Default
rule:system_admin_api- Operations
DELETE
/resource_classes/{name}
- Scope Types
system
Delete resource class.
placement:resource_providers:inventories:list- Default
rule:system_reader_api- Operations
GET
/resource_providers/{uuid}/inventories
- Scope Types
system
List resource provider inventories.
placement:resource_providers:inventories:create- Default
rule:system_admin_api- Operations
POST
/resource_providers/{uuid}/inventories
- Scope Types
system
Create one resource provider inventory.
placement:resource_providers:inventories:show- Default
rule:system_reader_api- Operations
GET
/resource_providers/{uuid}/inventories/{resource_class}
- Scope Types
system
Show resource provider inventory.
placement:resource_providers:inventories:update- Default
rule:system_admin_api- Operations
PUT
/resource_providers/{uuid}/inventoriesPUT
/resource_providers/{uuid}/inventories/{resource_class}
- Scope Types
system
Update resource provider inventory.
placement:resource_providers:inventories:delete- Default
rule:system_admin_api- Operations
DELETE
/resource_providers/{uuid}/inventoriesDELETE
/resource_providers/{uuid}/inventories/{resource_class}
- Scope Types
system
Delete resource provider inventory.
placement:resource_providers:aggregates:list- Default
rule:system_reader_api- Operations
GET
/resource_providers/{uuid}/aggregates
- Scope Types
system
List resource provider aggregates.
placement:resource_providers:aggregates:update- Default
rule:system_admin_api- Operations
PUT
/resource_providers/{uuid}/aggregates
- Scope Types
system
Update resource provider aggregates.
placement:resource_providers:usages- Default
rule:system_reader_api- Operations
GET
/resource_providers/{uuid}/usages
- Scope Types
system
List resource provider usages.
placement:usages- Default
rule:system_or_project_reader- Operations
GET
/usages
- Scope Types
system
project
List total resource usages for a given project.
placement:traits:list- Default
rule:system_reader_api- Operations
GET
/traits
- Scope Types
system
List traits.
placement:traits:show- Default
rule:system_reader_api- Operations
GET
/traits/{name}
- Scope Types
system
Show trait.
placement:traits:update- Default
rule:system_admin_api- Operations
PUT
/traits/{name}
- Scope Types
system
Update trait.
placement:traits:delete- Default
rule:system_admin_api- Operations
DELETE
/traits/{name}
- Scope Types
system
Delete trait.
placement:resource_providers:traits:list- Default
rule:system_reader_api- Operations
GET
/resource_providers/{uuid}/traits
- Scope Types
system
List resource provider traits.
placement:resource_providers:traits:update- Default
rule:system_admin_api- Operations
PUT
/resource_providers/{uuid}/traits
- Scope Types
system
Update resource provider traits.
placement:resource_providers:traits:delete- Default
rule:system_admin_api- Operations
DELETE
/resource_providers/{uuid}/traits
- Scope Types
system
Delete resource provider traits.
placement:allocations:manage- Default
rule:system_admin_api- Operations
POST
/allocations
- Scope Types
system
Manage allocations.
placement:allocations:list- Default
rule:system_reader_api- Operations
GET
/allocations/{consumer_uuid}
- Scope Types
system
List allocations.
placement:allocations:update- Default
rule:system_admin_api- Operations
PUT
/allocations/{consumer_uuid}
- Scope Types
system
Update allocations.
placement:allocations:delete- Default
rule:system_admin_api- Operations
DELETE
/allocations/{consumer_uuid}
- Scope Types
system
Delete allocations.
placement:resource_providers:allocations:list- Default
rule:system_reader_api- Operations
GET
/resource_providers/{uuid}/allocations
- Scope Types
system
List resource provider allocations.
placement:allocation_candidates:list- Default
rule:system_reader_api- Operations
GET
/allocation_candidates
- Scope Types
system
List allocation candidates.
placement:reshaper:reshape- Default
rule:system_admin_api- Operations
POST
/reshaper
- Scope Types
system
Reshape Inventory and Allocations.
