openstack/cinder
Code Issues Proposed changes
2c89ce1398
cinder/doc/source/configuration/block-storage/samples/policy.yaml.rst
Walter A. Boring IV e10b094db4 Add pdf documentation build in tox 
This patch adds a new tox job/command for building the pdf version
of documentation.

tox -epdf-docs

In addition to adjusting the infra requirement for PDF build support,
the following changes are made to build a PDF doc.

- Inline sample config file is skipped for PDF doc
  to avoid an LaTeX error "TeX capacity exceeded".
- Download link of sample config and policy files are disabled
  for PDF doc as relative links do not make sense.
- "Search" and "genindex" page is only enabled for HTML doc
  as they work only for HTML doc.

Co-Authored-By: Akihiro Motoki <amotoki@gmail.com>
Change-Id: Ib8ce96f4d043dcf0cfe6d3f8b64879f07bc5958c
2019-08-28 20:37:56 +00:00

1.5 KiB
Raw Blame History

policy.yaml

The policy.yaml file defines additional access controls that apply to the Block Storage service.

Prior to Cinder 12.0.0 (the Queens release), a JSON policy file was required to run Cinder. From the Queens release onward, the following hold:

  • It is possible to run Cinder safely without a policy file, as sensible default values are defined in the code.
  • If you wish to run Cinder with policies different from the default, you may write a policy file in either JSON or YAML.
    • Given that JSON does not allow comments, we recommend using YAML to write a custom policy file.
  • If you supply a custom policy file, you only need to supply entries for the policies you wish to change from their default values. For instance, if you want to change the default value of "volume:create", you only need to keep this single rule in your policy config file.
  • The default policy file location is /etc/cinder/policy.yaml. You may override this by specifying a different file location as the value of the policy_file configuration option in the [oslo_policy] section of the the Cinder configuration file.

The following provides a listing of the default policies. It is not recommended to copy this file into /etc/cinder unless you are planning on providing a different policy for an operation that is not the default.

html

The sample policy file can also be viewed in file form.

../../../_static/cinder.policy.yaml.sample