Policy configuration

Configuration

The following is an overview of all available policies in Karbor. For a sample configuration file.

karbor

context_is_admin
Default

role:admin

(no description provided)

admin_or_owner
Default

is_admin:True or (role:admin and is_admin_project:True) or  project_id:%(project_id)s

(no description provided)

default
Default

rule:admin_or_owner

(no description provided)

admin_api
Default

is_admin:True or (role:admin and is_admin_project:True)

(no description provided)

plan:create
Default

rule:admin_or_owner

Operations
  • POST /plans

Create a plan.

plan:update
Default

rule:admin_or_owner

Operations
  • PUT /plans/{plan_id}

Update a plan.

plan:delete
Default

rule:admin_or_owner

Operations
  • DELETE /plans/{plan_id}

Delete a plan.

plan:get
Default

rule:admin_or_owner

Operations
  • GET /plans/{plan_id}

Get a plan.

plan:get_all
Default

rule:admin_or_owner

Operations
  • GET /plans

Get plans.

restore:create
Default

rule:admin_or_owner

Operations
  • POST /restores

Create a restore.

restore:update
Default

rule:admin_or_owner

Operations
  • PUT /restores

Update a restore.

restore:get
Default

rule:admin_or_owner

Operations
  • GET /restores/{restore_id}

Get a restore.

restore:get_all
Default

rule:admin_or_owner

Operations
  • GET /restores

Get restores.

protectable:get
Default

rule:admin_or_owner

Operations
  • GET /protectables/{protectable_type}

Show a protectable type.

protectable:get_all
Default

rule:admin_or_owner

Operations
  • GET /protectables

List protectable types.

protectable:instance_get
Default

rule:admin_or_owner

Operations
  • GET /protectables/{protectable_type}/instances/{resource_id}

Show a protectable instance.

protectable:instance_get_all
Default

rule:admin_or_owner

Operations
  • GET /protectables/{protectable_type}/instances

List protectable instances.

provider:get
Default

rule:admin_or_owner

Operations
  • GET /providers/{provider_id}

Show a protection provider.

provider:get_all
Default

rule:admin_or_owner

Operations
  • GET /providers

List protection providers.

provider:checkpoint_get
Default

rule:admin_or_owner

Operations
  • GET /providers/{provider_id}/checkpoints/{checkpoint_id}

Show a checkpoint.

provider:checkpoint_get_all
Default

rule:admin_or_owner

Operations
  • GET /providers/{provider_id}/checkpoints

List checkpoints.

provider:checkpoint_create
Default

rule:admin_or_owner

Operations
  • POST /providers/{provider_id}/checkpoints

Create checkpoint.

provider:checkpoint_delete
Default

rule:admin_or_owner

Operations
  • DELETE /providers/{provider_id}/checkpoints/{checkpoint_id}

Delete checkpoint.

provider:checkpoint_update
Default

rule:admin_or_owner

Operations
  • PUT /providers/{provider_id}/checkpoints/{checkpoint_id}

Reset checkpoint state.

trigger:create
Default

rule:admin_or_owner

Operations
  • POST /triggers

Create a trigger.

trigger:update
Default

rule:admin_or_owner

Operations
  • PUT /triggers/{trigger_id}

Update a trigger.

trigger:delete
Default

rule:admin_or_owner

Operations
  • DELETE /triggers/{trigger_id}

Delete a trigger.

trigger:get
Default

rule:admin_or_owner

Operations
  • GET /triggers/{trigger_id}

Get a trigger.

trigger:list
Default

rule:admin_or_owner

Operations
  • GET /triggers

Get triggerss.

scheduled_operation:create
Default

rule:admin_or_owner

Operations
  • POST /scheduled_operations

Create a scheduled_operation.

scheduled_operation:delete
Default

rule:admin_or_owner

Operations
  • DELETE /scheduled_operations/{scheduled_operation_id}

Delete a scheduled_operation.

scheduled_operation:get
Default

rule:admin_or_owner

Operations
  • GET /scheduled_operations/{scheduled_operation_id}

Get a scheduled_operation.

scheduled_operation:list
Default

rule:admin_or_owner

Operations
  • GET /scheduled_operations

Get scheduled_operations.

operation_log:get
Default

rule:admin_or_owner

Operations
  • GET /operation_logs/{operation_log_id}

Get an operation_log.

operation_log:list
Default

rule:admin_or_owner

Operations
  • GET /operation_logs

Get operation_logs.

verification:create
Default

rule:admin_or_owner

Operations
  • POST /verifications

Create a verification.

verification:get
Default

rule:admin_or_owner

Operations
  • GET /verifications/{verification_id}

Get a verification.

verification:get_all
Default

rule:admin_or_owner

Operations
  • GET /verifications

Get verifications.

service:get_all
Default

rule:admin_api

Operations
  • GET /os-services

List services.

service:update
Default

rule:admin_api

Operations
  • PUT /os-services/{service_id}

Update service status

quota:update
Default

rule:admin_api

Operations
  • PUT /quotas/{project_id}

Update quotas for a project.

quota:delete
Default

rule:admin_api

Operations
  • DELETE /quotas/{project_id}

Delete quotas for a project.

quota:get
Default

rule:admin_or_owner

Operations
  • GET /quotas/{project_id}

Get quotas for a project.

quota:get_default
Default

rule:admin_or_owner

Operations
  • GET /quotas/{project_id}/defaults

Get default quotas for a project.

quota_class:update
Default

rule:admin_api

Operations
  • PUT /quota_classes/{quota_class_name}

Update quota classes.

quota_class:get
Default

rule:admin_or_owner

Operations
  • GET /quota_classes/{quota_class_name}

Get quota classes.

copy:create
Default

rule:admin_or_owner

Operations
  • POST /{project_id}/providers/{provider_id}/checkpoints/action

Create a copy.