/usr/share/puppet/modules.available/keystone/manifests/policy.pp is in puppet-module-keystone 9.4.0-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 | # == Class: keystone::policy
#
# Configure the keystone policies
#
# === Parameters
#
# [*policies*]
# (optional) Set of policies to configure for keystone
# Example :
# {
# 'keystone-context_is_admin' => {
# 'key' => 'context_is_admin',
# 'value' => 'true'
# },
# 'keystone-default' => {
# 'key' => 'default',
# 'value' => 'rule:admin_or_owner'
# }
# }
# Defaults to empty hash.
#
# [*policy_path*]
# (optional) Path to the nova policy.json file
# Defaults to /etc/keystone/policy.json
#
class keystone::policy (
$policies = {},
$policy_path = '/etc/keystone/policy.json',
) {
include ::keystone::deps
validate_hash($policies)
Openstacklib::Policy::Base {
file_path => $policy_path,
}
create_resources('openstacklib::policy::base', $policies)
oslo::policy { 'keystone_config': policy_file => $policy_path }
}
|