review.fuel-infra Code Review - openstack-build/heat-build.git/commit

]> review.fuel-infra Code Review - openstack-build/heat-build.git/commit

Code Review / openstack-build / heat-build.git / commit

author	Steven Hardy <shardy@redhat.com>
	Wed, 6 Feb 2013 16:32:54 +0000 (16:32 +0000)
committer	Steven Hardy <shardy@redhat.com>
	Thu, 7 Feb 2013 10:22:14 +0000 (10:22 +0000)
commit	1b1dd456b21a32235ab0327f9fbc312892ec6c46
tree	4381de8f23c6d8d8a5ee8279106306afcbefb369	tree \| snapshot
parent	d2223869f97055bd1012a31a29c3b1df24773a79	commit \| diff

heat api : Add policy.json authorization to cloudwatch API

Adds a basic policy.json to authorize all actions for the CW API -
this will deny access to the in-instance users defined in stack
templates (which are assigned the heat_stack_user role) to all API
actions apart from PutMetricData action, which is used by
cfn-push-stats to provide metric data from the instances

Change-Id: I2bbb885bec98b85828cdb92d7efc0688da7be3c1
Signed-off-by: Steven Hardy <shardy@redhat.com>

RSS Atom

etc/heat/policy.json		diff \| blob \| history
heat/api/cloudwatch/watch.py		diff \| blob \| history
heat/tests/policy/deny_stack_user.json		diff \| blob \| history
heat/tests/test_api_cloudwatch.py		diff \| blob \| history
heat/tests/test_common_policy.py		diff \| blob \| history