Doug Hellmann 88a104d852 move existing documentation into new standard layout

Change-Id: Iaefc26222d42663423f736946dea97c5613b7d1c
Signed-off-by: Doug Hellmann <doug@doughellmann.com>

2017-06-28 16:46:38 -04:00

1.4 KiB

Raw Blame History

Command Line Interface

Run the command line oslopolicy-checker to check policy against the OpenStack Identity API access information.

Command-line arguments:

--policy POLICY path to policy file.
--access ACCESS path to access token file.
--rule RULE (optional) rule to test. If omitted, tests all rules.
--is_admin IS_ADMIN (optional) set is_admin=True on the credentials.

Sample access tokens are provided in the sample_data directory.

Examples

Test all of Nova's policy with an admin token

tox -e venv -- oslopolicy-checker \
  --policy  /opt/stack/nova/etc/nova/policy.json
  --access sample_data/auth_v3_token_admin.json

Test the compute_extension:flavorextraspecs:index rule in Nova's policy with the admin member token and is_admin set to True

tox -e venv -- oslopolicy-checker \
  --policy  /opt/stack/nova/etc/nova/policy.json \
  --access sample_data/auth_v3_token_admin.json \
  --is_admin=true --rule compute_extension:flavorextraspecs:index

Test the compute_extension:flavorextraspecs:index rule in Nova's policy with the plain member token

tox -e venv -- oslopolicy-checker \
  --policy  /opt/stack/nova/etc/nova/policy.json \
  --access sample_data/auth_v3_token_member.json \
  --rule compute_extension:flavorextraspecs:index

1.4 KiB Raw Blame History

Command Line Interface

Examples

1.4 KiB

Raw Blame History