Sample Tacker Policy File¶
Warning
JSON formatted policy file is deprecated since Tacker 5.0.0 (Wallaby). This oslopolicy-convert-json-to-yaml tool will migrate your existing JSON-formatted policy file to YAML in a backward-compatible way.
The following is a sample tacker policy file for adaptation and use.
The sample policy can also be viewed in file form
.
Important
The sample policy file is auto-generated from tacker when this documentation is built. You must ensure your version of tacker matches the version of this documentation.
# Decides what is required for the 'is_admin:True' check to succeed.
#"context_is_admin": "role:admin"
# Default rule for most non-Admin APIs.
#"admin_or_owner": "is_admin:True or tenant_id:%(tenant_id)s"
# Default rule for most Admin APIs.
#"admin_only": "is_admin:True"
# Default rule for sharing vims.
#"shared": "field:vims:shared=True"
# Default rule for most non-Admin APIs.
#"default": "rule:admin_or_owner"
# Creates a vnf package.
# POST /vnf_packages
#"os_nfv_orchestration_api:vnf_packages:create": "rule:admin_or_owner"
# Show a vnf package.
# GET /vnf_packages/{vnf_package_id}
#"os_nfv_orchestration_api:vnf_packages:show": "rule:admin_or_owner"
# List all vnf packages.
# GET /vnf_packages/
#"os_nfv_orchestration_api:vnf_packages:index": "rule:admin_or_owner"
# Delete a vnf package.
# DELETE /vnf_packages/{vnf_package_id}
#"os_nfv_orchestration_api:vnf_packages:delete": "rule:admin_or_owner"
# fetch the contents of an on-boarded VNF Package
# GET /vnf_packages/{vnf_package_id}/package_content
#"os_nfv_orchestration_api:vnf_packages:fetch_package_content": "rule:admin_or_owner"
# upload a vnf package content.
# PUT /vnf_packages/{vnf_package_id}/package_content
#"os_nfv_orchestration_api:vnf_packages:upload_package_content": "rule:admin_or_owner"
# upload a vnf package content from uri.
# POST /vnf_packages/{vnf_package_id}/package_content/upload_from_uri
#"os_nfv_orchestration_api:vnf_packages:upload_from_uri": "rule:admin_or_owner"
# update information of vnf package.
# PATCH /vnf_packages/{vnf_package_id}
#"os_nfv_orchestration_api:vnf_packages:patch": "rule:admin_or_owner"
# reads the content of the VNFD within a VNF package.
# GET /vnf_packages/{vnf_package_id}/vnfd
#"os_nfv_orchestration_api:vnf_packages:get_vnf_package_vnfd": "rule:admin_or_owner"
# reads the content of the artifact within a VNF package.
# GET /vnf_packages/{vnfPkgId}/artifacts/{artifactPath}
#"os_nfv_orchestration_api:vnf_packages:fetch_artifact": "rule:admin_or_owner"
# Creates vnf instance.
# POST /vnflcm/v1/vnf_instances
#"os_nfv_orchestration_api:vnf_instances:create": "rule:admin_or_owner"
# Instantiate vnf instance.
# POST /vnflcm/v1/vnf_instances/{vnfInstanceId}/instantiate
#"os_nfv_orchestration_api:vnf_instances:instantiate": "rule:admin_or_owner"
# Query an Individual VNF instance.
# GET /vnflcm/v1/vnf_instances/{vnfInstanceId}
#"os_nfv_orchestration_api:vnf_instances:show": "rule:admin_or_owner"
# Terminate a VNF instance.
# POST /vnflcm/v1/vnf_instances/{vnfInstanceId}/terminate
#"os_nfv_orchestration_api:vnf_instances:terminate": "rule:admin_or_owner"
# Heal a VNF instance.
# POST /vnflcm/v1/vnf_instances/{vnfInstanceId}/heal
#"os_nfv_orchestration_api:vnf_instances:heal": "rule:admin_or_owner"
# Scale a VNF instance.
# POST /vnflcm/v1/vnf_instances/{vnfInstanceId}/scale
#"os_nfv_orchestration_api:vnf_instances:scale": "rule:admin_or_owner"
# Query an Individual VNF LCM operation occurrence
# GET /vnflcm/v1/vnf_lcm_op_occs/{vnfLcmOpOccId}
#"os_nfv_orchestration_api:vnf_instances:show_lcm_op_occs": "rule:admin_or_owner"
# Query VNF LCM operation occurrence
# GET /vnflcm/v1/vnf_lcm_op_occs
#"os_nfv_orchestration_api:vnf_instances:list_lcm_op_occs": "rule:admin_or_owner"
# Query VNF instances.
# GET /vnflcm/v1/vnf_instances
#"os_nfv_orchestration_api:vnf_instances:index": "rule:admin_or_owner"
# Delete an Individual VNF instance.
# DELETE /vnflcm/v1/vnf_instances/{vnfInstanceId}
#"os_nfv_orchestration_api:vnf_instances:delete": "rule:admin_or_owner"
# Update an Individual VNF instance.
# PATCH /vnflcm/v1/vnf_instances/{vnfInstanceId}
#"os_nfv_orchestration_api:vnf_instances:update_vnf": "rule:admin_or_owner"
# Rollback a VNF instance.
# POST /vnflcm/v1/vnf_lcm_op_occs/{vnfLcmOpOccId}/rollback
#"os_nfv_orchestration_api:vnf_instances:rollback": "rule:admin_or_owner"
# Fail a VNF instance.
# POST /vnflcm/v1/vnf_lcm_op_occs/{vnfLcmOpOccId}/fail
#"os_nfv_orchestration_api:vnf_instances:fail": "rule:admin_or_owner"
# Retry a VNF instance.
# POST /vnflcm/v1/vnf_lcm_op_occs/{vnfLcmOpOccId}/retry
#"os_nfv_orchestration_api:vnf_instances:retry": "rule:admin_or_owner"
# Change external VNF connectivity.
# POST /vnflcm/v1/vnf_instances/{vnfInstanceId}/change_ext_conn
#"os_nfv_orchestration_api:vnf_instances:change_ext_conn": "rule:admin_or_owner"