Last active
November 15, 2016 15:57
-
-
Save james-nesbitt/946819a891b4467083a9bf6549413b2f to your computer and use it in GitHub Desktop.
kraut security.yml proposal
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # security.yml | |
| # | |
| # Kraut security limits for operations | |
| # | |
| # FORMAT: | |
| # {operation} : | |
| # {operation property 1}: [ "{valid value 1}", ... ] | |
| # ... | |
| # | |
| # Default permission applied if no other permissions match? | |
| security.default: | |
| security.user.role: | |
| - authenticated | |
| # General orchestrate operations | |
| orchestrate.*: | |
| security.user: | |
| - * # wildcard | |
| # UpCloud : start a server | |
| upcloud.server.start: | |
| # security.user.role : property provided by the security wrapper | |
| security.user.role: | |
| - admin | |
| # upcloud.server.label : one of the valid --{property} values for the operation | |
| upcloud.server.label: | |
| - this-project | |
| # UpCloud : Destroy an UpCloud service | |
| upcloud.server.stop: | |
| # security.user : property provided by the security wrapper | |
| security.user: | |
| - jamesnesbitt | |
| - aleksijohansson | |
| - jannekoponen | |
| # upcloud.server.label : one of the valid --{property} values for the operation | |
| upcloud.server.uuid: | |
| - AAAAAAA-AAAAAAA-AAAAA | |
| - BBBBBBB-BBBBBBB-BBBBB |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment