Trove Policy Configuration¶

The following is an overview of all available policies in Aodh.

For a sample policy file refer to the policy.yaml or run tox -egenpolicy in the repo folder and the new file will be located in etc/trove/policy.yaml.sample

trove¶

admin

Default: role:admin or is_admin:True

Must be an administrator.

admin_or_owner

Default: rule:admin or project_id:%(tenant)s

Must be an administrator or owner of the object.

default

Default: rule:admin_or_owner

Must be an administrator or owner of the object.

instance:create

Default

rule:admin_or_owner

Operations

POST /v1.0/{account_id}/instances

Create a database instance.

instance:delete

Default

rule:admin_or_owner

Operations

DELETE /v1.0/{account_id}/instances/{instance_id}

Delete a database instance.

instance:force_delete

Default

rule:admin_or_owner

Operations

DELETE /v1.0/{account_id}/instances/{instance_id}

Forcibly delete a database instance.

instance:index

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/instances

List database instances.

instance:detail

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/instances/detail

List database instances with details.

instance:show

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/instances/{instance_id}

Get details of a specific database instance.

instance:update

Default

rule:admin_or_owner

Operations

PUT /v1.0/{account_id}/instances/{instance_id}
POST /v1.0/{account_id}/instances

Update a database instance to attach/detach configuration

instance:edit

Default

rule:admin_or_owner

Operations

PATCH /v1.0/{account_id}/instances/{instance_id}

Updates the instance to set or unset one or more attributes.

instance:restart

Default

rule:admin_or_owner

Operations

POST /v1.0/{account_id}/instances/{instance_id}/action (restart)

Restart a database instance.

instance:resize_volume

Default

rule:admin_or_owner

Operations

POST /v1.0/{account_id}/instances/{instance_id}/action (resize)

Resize a database instance volume.

instance:resize_flavor

Default

rule:admin_or_owner

Operations

POST /v1.0/{account_id}/instances/{instance_id}/action (resize)

Resize a database instance flavor.

instance:reset_status

Default

rule:admin

Operations

POST /v1.0/{account_id}/instances/{instance_id}/action (reset_status)

Reset the status of a database instance to ERROR.

instance:promote_to_replica_source

Default

rule:admin_or_owner

Operations

POST /v1.0/{account_id}/instances/{instance_id}/action (promote_to_replica_source)

Promote instance to replica source.

instance:eject_replica_source

Default

rule:admin_or_owner

Operations

POST /v1.0/{account_id}/instances/{instance_id}/action (eject_replica_source)

Eject the replica source from its replica set.

instance:configuration

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/instances/{instance_id}/configuration

Get the default configuration template applied to the instance.

instance:guest_log_list

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/instances/{instance_id}/log

Get all informations about all logs of a database instance.

instance:backups

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/instances/{instance_id}/backups

Get all backups of a database instance.

instance:module_list

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/instances/{instance_id}/modules

Get informations about modules on a database instance.

instance:module_apply

Default

rule:admin_or_owner

Operations

POST /v1.0/{account_id}/instances/{instance_id}/modules
POST /v1.0/{account_id}/instances

Apply modules to a database instance.

instance:module_remove

Default

rule:admin_or_owner

Operations

DELETE /v1.0/{account_id}/instances/{instance_id}/modules/{module_id}

Remove a module from a database instance.

instance:extension:root:create

Default

rule:admin_or_owner

Operations

POST /v1.0/{account_id}/instances/{instance_id}/root

Enable the root user of a database instance.

instance:extension:root:delete

Default

rule:admin_or_owner

Operations

DELETE /v1.0/{account_id}/instances/{instance_id}/root

Disable the root user of a database instance.

instance:extension:root:index

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/instances/{instance_id}/root

Show whether the root user of a database instance has been ever enabled.

cluster:extension:root:create

Default

rule:admin_or_owner

Operations

POST /v1.0/{account_id}/clusters/{cluster}/root

Enable the root user of the instances in a cluster.

cluster:extension:root:delete

Default

rule:admin_or_owner

Operations

DELETE /v1.0/{account_id}/clusters/{cluster}/root

Enable the root user of the instances in a cluster.

cluster:extension:root:index

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/clusters/{cluster}/root

Disable the root of the instances in a cluster.

instance:extension:user:create

Default

rule:admin_or_owner

Operations

POST /v1.0/{account_id}/instances/{instance_id}/users
POST /v1.0/{account_id}/instances

Create users for a database instance.

instance:extension:user:delete

Default

rule:admin_or_owner

Operations

DELETE /v1.0/{account_id}/instances/{instance_id}/users/{user}

Delete a user from a database instance.

instance:extension:user:index

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/instances/{instance_id}/users

Get all users of a database instance.

instance:extension:user:show

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/instances/{instance_id}/users/{user}

Get the information of a single user of a database instance.

instance:extension:user:update

Default

rule:admin_or_owner

Operations

PUT /v1.0/{account_id}/instances/{instance_id}/users/{user}

Update attributes for a user of a database instance.

instance:extension:user:update_all

Default

rule:admin_or_owner

Operations

PUT /v1.0/{account_id}/instances/{instance_id}/users

Update the password for one or more users a database instance.

instance:extension:user_access:update

Default

rule:admin_or_owner

Operations

PUT /v1.0/{account_id}/instances/{instance_id}/users/{user}/databases

Grant access for a user to one or more databases.

instance:extension:user_access:delete

Default

rule:admin_or_owner

Operations

DELETE /v1.0/{account_id}/instances/{instance_id}/users/{user}/databases/{database}

Revoke access for a user to a databases.

instance:extension:user_access:index

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/instances/{instance_id}/users/{user}/databases

Get permissions of a user

instance:extension:database:create

Default

rule:admin_or_owner

Operations

POST /v1.0/{account_id}/instances/{instance_id}/databases
POST /v1.0/{account_id}/instances

Create a set of Schemas

instance:extension:database:delete

Default

rule:admin_or_owner

Operations

DELETE /v1.0/{account_id}/instances/{instance_id}/databases/{database}

Delete a schema from a database.

instance:extension:database:index

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/instances/{instance_id}/databases

List all schemas from a database.

instance:extension:database:show

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/instances/{instance_id}/databases/{database}

Get informations of a schema(Currently Not Implemented).

cluster:create

Default

rule:admin_or_owner

Operations

POST /v1.0/{account_id}/clusters

Create a cluster.

cluster:delete

Default

rule:admin_or_owner

Operations

DELETE /v1.0/{account_id}/clusters/{cluster}

Delete a cluster.

cluster:force_delete

Default

rule:admin_or_owner

Operations

POST /v1.0/{account_id}/clusters/{cluster} (reset-status)

Forcibly delete a cluster.

cluster:index

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/clusters

List all clusters

cluster:show

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/clusters/{cluster}

Get informations of a cluster.

cluster:show_instance

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/clusters/{cluster}/instances/{instance}

Get informations of a instance in a cluster.

cluster:action

Default

rule:admin_or_owner

Operations

POST /v1.0/{account_id}/clusters/{cluster}

Commit an action against a cluster

cluster:reset-status

Default

rule:admin

Operations

POST /v1.0/{account_id}/clusters/{cluster} (reset-status)

Reset the status of a cluster to NONE.

backup:create

Default

rule:admin_or_owner

Operations

POST /v1.0/{account_id}/backups

Create a backup of a database instance.

backup:delete

Default

rule:admin_or_owner

Operations

DELETE /v1.0/{account_id}/backups/{backup}

Delete a backup of a database instance.

backup:index

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/backups

List all backups.

backup:index:all_projects

Default

role:admin

Operations

GET /v1.0/{account_id}/backups

List backups for all the projects.

backup:show

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/backups/{backup}

Get informations of a backup.

backup_strategy:create

Default

rule:admin_or_owner

Operations

POST /v1.0/{account_id}/backup_strategies

Create a backup strategy.

backup_strategy:index

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/backup_strategies

List all backup strategies.

backup_strategy:delete

Default

rule:admin_or_owner

Operations

DELETE /v1.0/{account_id}/backup_strategies

Delete backup strategies.

configuration:create

Default

rule:admin_or_owner

Operations

POST /v1.0/{account_id}/configurations

Create a configuration group.

configuration:delete

Default

rule:admin_or_owner

Operations

DELETE /v1.0/{account_id}/configurations/{config}

Delete a configuration group.

configuration:index

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/configurations

List all configuration groups.

configuration:show

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/configurations/{config}

Get informations of a configuration group.

configuration:instances

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/configurations/{config}/instances

List all instances which a configuration group has be assigned to.

configuration:update

Default

rule:admin_or_owner

Operations

PUT /v1.0/{account_id}/configurations/{config}

Update a configuration group(the configuration group will be replaced completely).

configuration:edit

Default

rule:admin_or_owner

Operations

PATCH /v1.0/{account_id}/configurations/{config}

Patch a configuration group.

configuration-parameter:index

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/datastores/{datastore}/versions/{version}/parameters

List all parameters bind to a datastore version.

configuration-parameter:show

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/datastores/{datastore}/versions/{version}/parameters/{param}

Get a paramter of a datastore version.

configuration-parameter:index_by_version

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/datastores/versions/{version}/paramters

List all paramters bind to a datastore version by the id of the version(datastore is not provided).

configuration-parameter:show_by_version

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/datastores/versions/{version}/paramters/{param}

Get a paramter of a datastore version by it names and the id of the version(datastore is not provided).

datastore:index

Default

Operations

GET /v1.0/{account_id}/datastores

List all datastores.

datastore:show

Default

Operations

GET /v1.0/{account_id}/datastores/{datastore}

Get informations of a datastore.

datastore:delete

Default

rule:admin

Operations

DELETE /v1.0/{account_id}/datastores/{datastore}

Delete a datastore.

datastore:version_show

Default

Operations

GET /v1.0/{account_id}/datastores/{datastore}/versions/{version}

Get a version of a datastore by the version id.

datastore:version_show_by_uuid

Default

Operations

GET /v1.0/{account_id}/datastores/versions/{version}

Get a version of a datastore by the version id(without providing the datastore id).

datastore:version_index

Default

Operations

GET /v1.0/{account_id}/datastores/{datastore}/versions

Get all versions of a datastore.

datastore:list_associated_flavors

Default

Operations

GET /v1.0/{account_id}/datastores/{datastore}/versions/{version}/flavors

List all flavors associated with a datastore version.

datastore:list_associated_volume_types

Default

Operations

GET /v1.0/{account_id}/datastores/{datastore}/versions/{version}/volume-types

List all volume-types associated with a datastore version.

flavor:index

Default

Operations

GET /v1.0/{account_id}/flavors

List all flavors.

flavor:show

Default

Operations

GET /v1.0/{account_id}/flavors/{flavor}

Get information of a flavor.

limits:index

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/limits

List all absolute and rate limit informations.

module:create

Default

rule:admin_or_owner

Operations

POST /v1.0/{account_id}/modules

Create a module.

module:delete

Default

rule:admin_or_owner

Operations

DELETE /v1.0/{account_id}/modules/{module}

Delete a module.

module:index

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/modules

List all modules.

module:show

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/modules/{module}

Get informations of a module.

module:instances

Default

rule:admin_or_owner

Operations

GET /v1.0/{account_id}/modules/{module}/instances

List all instances to which a module is applied.

module:update

Default

rule:admin_or_owner

Operations

PUT /v1.0/{account_id}/modules/{module}

Update a module.

module:reapply

Default

rule:admin_or_owner

Operations

PUT /v1.0/{account_id}/modules/{module}/instances

Reapply a module to all instances.

Trove Policy Configuration

Trove Policy Configuration¶

trove¶

trove 17.0.2.dev2

Page Contents