Mistral Policy Configuration¶
Warning
JSON formatted policy file is deprecated since Mistral 12.0.0 (Wallaby). This oslopolicy-convert-json-to-yaml tool will migrate your existing JSON-formatted policy file to YAML in a backward-compatible way.
Configuration¶
The following is an overview of all available policies in Mistral. For a sample configuration file, refer to policy.yaml.
mistral¶
actions:create
- Default
rule:admin_or_owner
- Operations
POST
/v2/actions
Create a new action.
actions:delete
- Default
rule:admin_or_owner
- Operations
DELETE
/v2/actions
Delete the named action.
actions:get
- Default
rule:admin_or_owner
- Operations
GET
/v2/actions/{action_id}
Return the named action.
actions:list
- Default
rule:admin_or_owner
- Operations
GET
/v2/actions
Return all actions.
actions:publicize
- Default
rule:admin_or_owner
- Operations
POST
/v2/actions
PUT
/v2/actions
Make an action publicly available
actions:update
- Default
rule:admin_or_owner
- Operations
PUT
/v2/actions
Update one or more actions.
action_executions:create
- Default
rule:admin_or_owner
- Operations
POST
/v2/action_executions
Create new action execution.
action_executions:delete
- Default
rule:admin_or_owner
- Operations
DELETE
/v2/action_executions
Delete the specified action execution.
action_executions:get
- Default
rule:admin_or_owner
- Operations
GET
/v2/action_executions/{action_execution_id}
Return the specified action execution.
action_executions:list
- Default
rule:admin_or_owner
- Operations
GET
/v2/action_executions
Return all tasks within the execution.
action_executions:update
- Default
rule:admin_or_owner
- Operations
PUT
/v2/action_executions
Update the specified action execution.
admin_only
- Default
is_admin:True
(no description provided)
admin_or_owner
- Default
is_admin:True or project_id:%(project_id)s
(no description provided)
code_sources:create
- Default
rule:admin_or_owner
- Operations
POST
/v2/code_sources
Create a new code source.
code_sources:delete
- Default
rule:admin_or_owner
- Operations
DELETE
/v2/code_sources
Delete the named code source.
code_sources:get
- Default
rule:admin_or_owner
- Operations
GET
/v2/code_sources/{action_id}
Return the named code source.
code_sources:list
- Default
rule:admin_or_owner
- Operations
GET
/v2/code_sources
Return all code sources.
code_sources:update
- Default
rule:admin_or_owner
- Operations
PUT
/v2/code_sources
Update one or more code source.
dynamic_actions:create
- Default
rule:admin_or_owner
- Operations
POST
/v2/dynamic_actions
Create a new dynamic action.
dynamic_actions:delete
- Default
rule:admin_or_owner
- Operations
DELETE
/v2/dynamic_actions
Delete the named dynamic action.
dynamic_actions:get
- Default
rule:admin_or_owner
- Operations
GET
/v2/dynamic_actions/{action_id}
Return the named dynamic action.
dynamic_actions:list
- Default
rule:admin_or_owner
- Operations
GET
/v2/dynamic_actions
Return all dynamic actions.
dynamic_actions:update
- Default
rule:admin_or_owner
- Operations
PUT
/v2/dynamic_actions
Update one or more dynamic actions.
cron_triggers:create
- Default
rule:admin_or_owner
- Operations
POST
/v2/cron_triggers
Creates a new cron trigger.
cron_triggers:delete
- Default
rule:admin_or_owner
- Operations
DELETE
/v2/cron_triggers
Delete cron trigger.
cron_triggers:get
- Default
rule:admin_or_owner
- Operations
GET
/v2/cron_triggers/{cron_trigger_id}
Returns the named cron trigger.
cron_triggers:list
- Default
rule:admin_or_owner
- Operations
GET
/v2/cron_triggers
Return all cron triggers.
cron_triggers:list:all_projects
- Default
rule:admin_only
- Operations
GET
/v2/cron_triggers
Return all cron triggers of all projects.
environments:create
- Default
rule:admin_or_owner
- Operations
POST
/v2/environments
Create a new environment.
environments:delete
- Default
rule:admin_or_owner
- Operations
DELETE
/v2/environments/{environment_name}
Delete the named environment.
environments:get
- Default
rule:admin_or_owner
- Operations
GET
/v2/environments/{environment_name}
Return the named environment.
environments:list
- Default
rule:admin_or_owner
- Operations
GET
/v2/environments
Return all environments.
environments:update
- Default
rule:admin_or_owner
- Operations
PUT
/v2/environments
Update an environment.
event_triggers:create
- Default
rule:admin_or_owner
- Operations
POST
/v2/event_triggers
Create a new event trigger.
event_triggers:create:public
- Default
rule:admin_only
- Operations
POST
/v2/event_triggers
Create a new event trigger for public usage.
event_triggers:delete
- Default
rule:admin_or_owner
- Operations
DELETE
/v2/event_triggers/{event_trigger_id}
Delete event trigger.
event_triggers:get
- Default
rule:admin_or_owner
- Operations
GET
/v2/event_triggers/{event_trigger_id}
Returns the specified event trigger.
event_triggers:list
- Default
rule:admin_or_owner
- Operations
GET
/v2/event_triggers
Return all event triggers.
event_triggers:list:all_projects
- Default
rule:admin_only
- Operations
GET
/v2/event_triggers
Return all event triggers from all projects.
event_triggers:update
- Default
rule:admin_or_owner
- Operations
PUT
/v2/event_triggers
Updates an existing event trigger.
executions:create
- Default
rule:admin_or_owner
- Operations
POST
/v2/executions
Create a new execution.
executions:delete
- Default
rule:admin_or_owner
- Operations
DELETE
/v2/executions/{execution_id}
Delete the specified execution.
executions:get
- Default
rule:admin_or_owner
- Operations
GET
/v2/executions/{execution_id}
Return the specified execution.
executions:list
- Default
rule:admin_or_owner
- Operations
GET
/v2/executions
Return all executions.
executions:list:all_projects
- Default
rule:admin_only
- Operations
GET
/v2/executions
Return all executions from all projects.
executions:update
- Default
rule:admin_or_owner
- Operations
PUT
/v2/executions
Update an execution.
members:create
- Default
rule:admin_or_owner
- Operations
POST
/v2/members
Shares the resource to a new member.
members:delete
- Default
rule:admin_or_owner
- Operations
DELETE
/v2/members
Deletes a member from the member list of a resource.
members:get
- Default
rule:admin_or_owner
- Operations
GET
/v2/members/{member_id}
Shows resource member details.
members:list
- Default
rule:admin_or_owner
- Operations
GET
/v2/members
Return all members with whom the resource has been shared.
members:update
- Default
rule:admin_or_owner
- Operations
PUT
/v2/members
Sets the status for a resource member.
services:list
- Default
rule:admin_or_owner
- Operations
GET
/v2/services
Return all Mistral services.
tasks:get
- Default
rule:admin_or_owner
- Operations
GET
/v2/tasks/{task_id}
Return the specified task.
tasks:list
- Default
rule:admin_or_owner
- Operations
GET
/v2/tasks
Return all tasks.
tasks:update
- Default
rule:admin_or_owner
- Operations
PUT
/v2/tasks
Update the specified task execution.
workbooks:create
- Default
rule:admin_or_owner
- Operations
POST
/v2/workbooks
Create a new workbook.
workbooks:delete
- Default
rule:admin_or_owner
- Operations
DELETE
/v2/workbooks
Delete the named workbook.
workbooks:get
- Default
rule:admin_or_owner
- Operations
GET
/v2/workbooks/{workbook_name}
Return the named workbook.
workbooks:list
- Default
rule:admin_or_owner
- Operations
GET
/v2/workbooks
Return all workbooks.
workbooks:update
- Default
rule:admin_or_owner
- Operations
PUT
/v2/workbooks
Update an workbook.
workflows:create
- Default
rule:admin_or_owner
- Operations
POST
/v2/workflows
Create a new workflow.
workflows:delete
- Default
rule:admin_or_owner
- Operations
DELETE
/v2/workflows
Delete a workflow.
workflows:get
- Default
rule:admin_or_owner
- Operations
GET
/v2/workflows/{workflow_id}
Return the named workflow.
workflows:list
- Default
rule:admin_or_owner
- Operations
GET
/v2/workflows
Return a list of workflows.
workflows:list:all_projects
- Default
rule:admin_only
- Operations
GET
/v2/workflows
Return a list of workflows from all projects.
workflows:publicize
- Default
rule:admin_or_owner
- Operations
POST
/v2/workflows
PUT
/v2/workflows
Make a workflow publicly available
workflows:update
- Default
rule:admin_or_owner
- Operations
PUT
/v2/workflows
Update one or more workflows.