[DEFAULT] # # From monasca_api # # # Region that API is running in # (string value) # # This option has a sample default set, which means that # its actual default value may vary from the one documented # below. region = {{ DEFAULT_REGION }} # # Valid periods for notification methods # (list value) #valid_notification_periods = 0,60 # # Enable Metrics api endpoints (boolean value) enable_metrics_api = {{ ENABLE_METRICS_API }} # # Enable Logs api endpoints (boolean value) enable_logs_api = {{ ENABLE_LOGS_API }} # # From oslo.log # # If set to true, the logging level will be set to DEBUG instead of the default # INFO level (boolean value) # Note: This option can be changed without restarting. #debug = false # The name of a logging configuration file. This file is appended to any # existing logging configuration files. For details about logging configuration # files, see the Python logging module documentation. Note that when logging # configuration files are used then all logging configuration is set in the # configuration file and other logging configuration options are ignored (for # example, logging_context_format_string) (string value) # Note: This option can be changed without restarting. # Deprecated group/name - [DEFAULT]/log_config log_config_append=/etc/monasca/api-logging.conf # Defines the format string for %%(asctime)s in log records. Default: # %(default)s . This option is ignored if log_config_append is set (string # value) #log_date_format = %Y-%m-%d %H:%M:%S # (Optional) Name of log file to send logging output to. If no default is set, # logging will go to stderr as defined by use_stderr. This option is ignored if # log_config_append is set (string value) # Deprecated group/name - [DEFAULT]/logfile #log_file = # (Optional) The base directory used for relative log_file paths. This option # is ignored if log_config_append is set (string value) # Deprecated group/name - [DEFAULT]/logdir #log_dir = # Uses logging handler designed to watch file system. When log file is moved or # removed this handler will open a new log file with specified path # instantaneously. It makes sense only if log_file option is specified and # Linux platform is used. This option is ignored if log_config_append is set # (boolean value) #watch_log_file = false # Use syslog for logging. Existing syslog format is DEPRECATED and will be # changed later to honor RFC5424. This option is ignored if log_config_append # is set (boolean value) #use_syslog = false # Enable journald for logging. If running in a systemd environment you may wish # to enable journal support. Doing so will use the journal native protocol # which includes structured metadata in addition to log messages.This option is # ignored if log_config_append is set (boolean value) #use_journal = false # Syslog facility to receive log lines. This option is ignored if # log_config_append is set (string value) #syslog_log_facility = LOG_USER # Use JSON formatting for logging. This option is ignored if log_config_append # is set (boolean value) #use_json = false # Log output to standard error. This option is ignored if log_config_append is # set (boolean value) #use_stderr = false # Log output to Windows Event Log (boolean value) #use_eventlog = false # The amount of time before the log files are rotated. This option is ignored # unless log_rotation_type is setto "interval" (integer value) #log_rotate_interval = 1 # Rotation interval type. The time of the last file change (or the time when # the service was started) is used when scheduling the next rotation (string # value) # Possible values: # Seconds - # Minutes - # Hours - # Days - # Weekday - # Midnight - #log_rotate_interval_type = days # Maximum number of rotated log files (integer value) #max_logfile_count = 30 # Log file maximum size in MB. This option is ignored if "log_rotation_type" is # not set to "size" (integer value) #max_logfile_size_mb = 200 # Log rotation type (string value) # Possible values: # interval - Rotate logs at predefined time intervals. # size - Rotate logs once they reach a predefined size. # none - Do not rotate log files. #log_rotation_type = none # Format string to use for log messages with context (string value) #logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s # Format string to use for log messages when context is undefined (string # value) #logging_default_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s # Additional data to append to log message when logging level for the message # is DEBUG (string value) #logging_debug_format_suffix = %(funcName)s %(pathname)s:%(lineno)d # Prefix each line of exception output with this format (string value) #logging_exception_prefix = %(asctime)s.%(msecs)03d %(process)d ERROR %(name)s %(instance)s # Defines the format string for %(user_identity)s that is used in # logging_context_format_string (string value) #logging_user_identity_format = %(user)s %(tenant)s %(domain)s %(user_domain)s %(project_domain)s # List of package logging levels in logger=LEVEL pairs. This option is ignored # if log_config_append is set (list value) #default_log_levels = amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,oslo_messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,requests.packages.urllib3.util.retry=WARN,urllib3.util.retry=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN,taskflow=WARN,keystoneauth=WARN,oslo.cache=INFO,oslo_policy=INFO,dogpile.core.dogpile=INFO # Enables or disables publication of error events (boolean value) #publish_errors = false # The format for an instance that is passed with the log message (string value) #instance_format = "[instance: %(uuid)s] " # The format for an instance UUID that is passed with the log message (string # value) #instance_uuid_format = "[instance: %(uuid)s] " # Interval, number of seconds, of log rate limiting (integer value) #rate_limit_interval = 0 # Maximum number of logged messages per rate_limit_interval (integer value) #rate_limit_burst = 0 # Log level name used by rate limiting: CRITICAL, ERROR, INFO, WARNING, DEBUG # or empty string. Logs with level greater or equal to rate_limit_except_level # are not filtered. An empty string means that all levels are filtered (string # value) #rate_limit_except_level = CRITICAL # Enables or disables fatal status of deprecations (boolean value) #fatal_deprecations = false [cassandra] # # From monasca_api # # # Comma separated list of Cassandra node IP addresses # (list value) contact_points = {{ CASSANDRA_CONTACT_POINTS | default('127.0.0.1') }} # # Port to Cassandra server # (port value) port = {{ CASSANDRA_PORT | default('9042') }} # # keyspace where metric are stored # (string value) keyspace = {{ CASSANDRA_KEY_SPACE }} # # Cassandra user for monasca-api service # (string value) user = {{ CASSANDRA_USER }} # # Cassandra user password for monasca-api service # (string value) password = {{ CASSANDRA_PASSWORD }} # # Cassandra connection timeout in seconds # (integer value) connection_timeout = {{ CASSANDRA_CONNECTION_TIMEOUT }} [database] # # From oslo.db # # If True, SQLite uses synchronous mode (boolean value) #sqlite_synchronous = true # The back end to use for the database (string value) # Deprecated group/name - [DEFAULT]/db_backend #backend = sqlalchemy # The SQLAlchemy connection string to use to connect to the database (string # value) # Deprecated group/name - [DEFAULT]/sql_connection # Deprecated group/name - [DATABASE]/sql_connection # Deprecated group/name - [sql]/connection {% if not ( API_MYSQL_DISABLED is defined and API_MYSQL_DISABLED | lower == 'true' ) %} connection = "mysql+pymysql://{{ MYSQL_USER }}:{{ MYSQL_PASSWORD }}@{{ MYSQL_HOST }}:{{ MYSQL_PORT | default('3306') }}/{{ MYSQL_DB }}" {% endif %} # The SQLAlchemy connection string to use to connect to the slave database # (string value) #slave_connection = # The SQL mode to be used for MySQL sessions. This option, including the # default, overrides any server-set SQL mode. To use whatever SQL mode is set # by the server configuration, set this to no value. Example: mysql_sql_mode= # (string value) #mysql_sql_mode = TRADITIONAL # If True, transparently enables support for handling MySQL Cluster (NDB) # (boolean value) #mysql_enable_ndb = false # Connections which have been present in the connection pool longer than this # number of seconds will be replaced with a new one the next time they are # checked out from the pool (integer value) # Deprecated group/name - [DATABASE]/idle_timeout # Deprecated group/name - [database]/idle_timeout # Deprecated group/name - [DEFAULT]/sql_idle_timeout # Deprecated group/name - [DATABASE]/sql_idle_timeout # Deprecated group/name - [sql]/idle_timeout #connection_recycle_time = 3600 # DEPRECATED: Minimum number of SQL connections to keep open in a pool (integer # value) # Deprecated group/name - [DEFAULT]/sql_min_pool_size # Deprecated group/name - [DATABASE]/sql_min_pool_size # This option is deprecated for removal. # Its value may be silently ignored in the future. # Reason: The option to set the minimum pool size is not supported by # sqlalchemy. #min_pool_size = 1 # Maximum number of SQL connections to keep open in a pool. Setting a value of # 0 indicates no limit (integer value) # Deprecated group/name - [DEFAULT]/sql_max_pool_size # Deprecated group/name - [DATABASE]/sql_max_pool_size #max_pool_size = 5 # Maximum number of database connection retries during startup. Set to -1 to # specify an infinite retry count (integer value) # Deprecated group/name - [DEFAULT]/sql_max_retries # Deprecated group/name - [DATABASE]/sql_max_retries #max_retries = 10 # Interval between retries of opening a SQL connection (integer value) # Deprecated group/name - [DEFAULT]/sql_retry_interval # Deprecated group/name - [DATABASE]/reconnect_interval #retry_interval = 10 # If set, use this value for max_overflow with SQLAlchemy (integer value) # Deprecated group/name - [DEFAULT]/sql_max_overflow # Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow #max_overflow = 50 # Verbosity of SQL debugging information: 0=None, 100=Everything (integer # value) # Minimum value: 0 # Maximum value: 100 # Deprecated group/name - [DEFAULT]/sql_connection_debug #connection_debug = 0 # Add Python stack traces to SQL as comment strings (boolean value) # Deprecated group/name - [DEFAULT]/sql_connection_trace #connection_trace = false # If set, use this value for pool_timeout with SQLAlchemy (integer value) # Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout #pool_timeout = # Enable the experimental use of database reconnect on connection lost (boolean # value) #use_db_reconnect = false # Seconds between retries of a database transaction (integer value) #db_retry_interval = 1 # If True, increases the interval between retries of a database operation up to # db_max_retry_interval (boolean value) #db_inc_retry_interval = true # If db_inc_retry_interval is set, the maximum seconds between retries of a # database operation (integer value) #db_max_retry_interval = 10 # Maximum retries in case of connection error or deadlock error before error is # raised. Set to -1 to specify an infinite retry count (integer value) #db_max_retries = 20 # Optional URL parameters to append onto the connection URL at connect time; # specify as param1=value1¶m2=value2& (string value) #connection_parameters = [dispatcher] # # From monasca_api # # Versions controller (string value) versions = monasca_api.v2.reference.versions:Versions # Version 2.0 controller (string value) version_2_0 = monasca_api.v2.reference.version_2_0:Version2 # Metrics controller (string value) metrics = monasca_api.v2.reference.metrics:Metrics # Metrics measurements controller (string value) metrics_measurements = monasca_api.v2.reference.metrics:MetricsMeasurements # Metrics statistics controller (string value) metrics_statistics = monasca_api.v2.reference.metrics:MetricsStatistics # Metrics names controller (string value) metrics_names = monasca_api.v2.reference.metrics:MetricsNames # Alarm definitions controller (string value) alarm_definitions = monasca_api.v2.reference.alarm_definitions:AlarmDefinitions # Alarms controller (string value) alarms = monasca_api.v2.reference.alarms:Alarms # Alarms Count controller (string value) alarms_count = monasca_api.v2.reference.alarms:AlarmsCount # Alarms state history controller (string value) alarms_state_history = monasca_api.v2.reference.alarms:AlarmsStateHistory # Notification Methods controller (string value) notification_methods = monasca_api.v2.reference.notifications:Notifications # Dimension Values controller (string value) dimension_values = monasca_api.v2.reference.metrics:DimensionValues # Dimension Names controller (string value) dimension_names = monasca_api.v2.reference.metrics:DimensionNames # Notifications Type Methods controller (string value) notification_method_types = monasca_api.v2.reference.notificationstype:NotificationsType # Health checks endpoint controller (string value) healthchecks = monasca_api.healthchecks:HealthChecks [influxdb] # # From monasca_api # # # Database name where metrics are stored # (string value) database_name = {{ INFLUX_DB }} # # IP address to Influxdb server # (host address value) ip_address = {{ INFLUX_HOST }} # Port to Influxdb server (port value) # Minimum value: 0 # Maximum value: 65535 port = {{ INFLUX_PORT }} # # Influxdb user # (string value) user = {{ INFLUX_USER }} # # Influxdb password # (string value) password = {{ INFLUX_PASSWORD }} [kafka] # # From monasca_api # # # Comma separated list of Kafka broker host:port # (list value) uri = {{ KAFKA_URI }} # # The topic that metrics will be published to # (string value) metrics_topic = metrics # # The topic that events will be published too # (string value) #events_topic = events # The topic that logs will be published to (multi valued) #logs_topics = log # # The topic that alarm state will be published too # (string value) #alarm_state_transitions_topic = alarm-state-transitions # # The group name that this service belongs to # (string value) group = api # # The ack time back to kafka. # (integer value) #ack_time = 20 # # The number of retry when there is a connection error # (integer value) max_retry = 1 # # The type of posting # (boolean value) is_async = true # # Specify if the message received should be parsed. # If True, message will not be parsed, otherwise # messages will be parsed # (boolean value) compact = true # # The partitions this connection should # listen for messages on. Currently does not # support multiple partitions. # Default is to listen on partition 0 # (list value) partitions = 0 # # Specify if received data should be simply dropped. # This parameter is only for testing purposes # (boolean value) #drop_data = false # # The wait time when no messages on kafka queue # (integer value) # Minimum value: 1 # Advanced Option: intended for advanced users and not used # by the majority of users, and might have a significant # effect on stability and/or performance. wait_time = 1 # # Should messages be automatically committed # (boolean value) # Advanced Option: intended for advanced users and not used # by the majority of users, and might have a significant # effect on stability and/or performance. #auto_commit = false # # Enable legacy Kafka client. When set old version of # kafka-python library is used. Message format version # for the brokers should be set to 0.9.0.0 to avoid # performance issues until all consumers are upgraded. legacy_kafka_client_enabled = {{ KAFKA_LEGACY_CLIENT_ENABLED | default(false) }} [keystone_authtoken] auth_url = {{ KEYSTONE_IDENTITY_URI }} username = {{ KEYSTONE_ADMIN_USER }} password = {{ KEYSTONE_ADMIN_PASSWORD }} user_domain_name = Default project_name = {{ KEYSTONE_ADMIN_TENANT }} project_domain_name = Default # # From keystonemiddleware.auth_token # # Complete "public" Identity API endpoint. This endpoint should not be an # "admin" endpoint, as it should be accessible by all end users. # Unauthenticated clients are redirected to this endpoint to authenticate. # Although this endpoint should ideally be unversioned, client support in the # wild varies. If you're using a versioned v2 endpoint here, then this should # *not* be the same endpoint the service user utilizes for validating tokens, # because normal end users may not be able to reach that endpoint (string # value) # Deprecated group/name - [keystone_authtoken]/auth_uri www_authenticate_uri = {{ KEYSTONE_AUTH_URI }} # DEPRECATED: Complete "public" Identity API endpoint. This endpoint should not # be an "admin" endpoint, as it should be accessible by all end users. # Unauthenticated clients are redirected to this endpoint to authenticate. # Although this endpoint should ideally be unversioned, client support in the # wild varies. If you're using a versioned v2 endpoint here, then this should # *not* be the same endpoint the service user utilizes for validating tokens, # because normal end users may not be able to reach that endpoint. This option # is deprecated in favor of www_authenticate_uri and will be removed in the S # release (string value) # This option is deprecated for removal since Queens. # Its value may be silently ignored in the future. # Reason: The auth_uri option is deprecated in favor of www_authenticate_uri # and will be removed in the S release. #auth_uri = # API version of the admin Identity API endpoint (string value) #auth_version = # Do not handle authorization requests within the middleware, but delegate the # authorization decision to downstream WSGI components (boolean value) #delay_auth_decision = false # Request timeout value for communicating with Identity API server (integer # value) #http_connect_timeout = # How many times are we trying to reconnect when communicating with Identity # API Server (integer value) #http_request_max_retries = 3 # Request environment key where the Swift cache object is stored. When # auth_token middleware is deployed with a Swift cache, use this option to have # the middleware share a caching backend with swift. Otherwise, use the # ``memcached_servers`` option instead (string value) #cache = # Required if identity server requires client certificate (string value) #certfile = # Required if identity server requires client certificate (string value) #keyfile = # A PEM encoded Certificate Authority to use when verifying HTTPs connections. # Defaults to system CAs (string value) #cafile = # Verify HTTPS connections (boolean value) insecure = {{ KEYSTONE_INSECURE }} # The region in which the identity server can be found (string value) {% if KEYSTONE_REGION_NAME is defined %} region_name = {{ KEYSTONE_REGION_NAME }} {% endif %} # DEPRECATED: Directory used to cache files related to PKI tokens. This option # has been deprecated in the Ocata release and will be removed in the P release # (string value) # This option is deprecated for removal since Ocata. # Its value may be silently ignored in the future. # Reason: PKI token format is no longer supported. #signing_dir = # Optionally specify a list of memcached server(s) to use for caching. If left # undefined, tokens will instead be cached in-process (list value) # Deprecated group/name - [keystone_authtoken]/memcache_servers memcached_servers = {{ MEMCACHED_URI }} # In order to prevent excessive effort spent validating tokens, the middleware # caches previously-seen tokens for a configurable duration (in seconds). Set # to -1 to disable caching completely (integer value) #token_cache_time = 300 # DEPRECATED: Determines the frequency at which the list of revoked tokens is # retrieved from the Identity service (in seconds). A high number of revocation # events combined with a low cache duration may significantly reduce # performance. Only valid for PKI tokens. This option has been deprecated in # the Ocata release and will be removed in the P release (integer value) # This option is deprecated for removal since Ocata. # Its value may be silently ignored in the future. # Reason: PKI token format is no longer supported. #revocation_cache_time = 10 # (Optional) If defined, indicate whether token data should be authenticated or # authenticated and encrypted. If MAC, token data is authenticated (with HMAC) # in the cache. If ENCRYPT, token data is encrypted and authenticated in the # cache. If the value is not one of these options or empty, auth_token will # raise an exception on initialization (string value) # Possible values: # None - # MAC - # ENCRYPT - #memcache_security_strategy = None # (Optional, mandatory if memcache_security_strategy is defined) This string is # used for key derivation (string value) #memcache_secret_key = # (Optional) Number of seconds memcached server is considered dead before it is # tried again (integer value) #memcache_pool_dead_retry = 300 # (Optional) Maximum total number of open connections to every memcached server # (integer value) #memcache_pool_maxsize = 10 # (Optional) Socket timeout in seconds for communicating with a memcached # server (integer value) #memcache_pool_socket_timeout = 3 # (Optional) Number of seconds a connection to memcached is held unused in the # pool before it is closed (integer value) #memcache_pool_unused_timeout = 60 # (Optional) Number of seconds that an operation will wait to get a memcached # client connection from the pool (integer value) #memcache_pool_conn_get_timeout = 10 # (Optional) Use the advanced (eventlet safe) memcached client pool. The # advanced pool will only work under python 2.x (boolean value) #memcache_use_advanced_pool = false # (Optional) Indicate whether to set the X-Service-Catalog header. If False, # middleware will not ask for service catalog on token validation and will not # set the X-Service-Catalog header (boolean value) #include_service_catalog = true # Used to control the use and type of token binding. Can be set to: "disabled" # to not check token binding. "permissive" (default) to validate binding # information if the bind type is of a form known to the server and ignore it # if not. "strict" like "permissive" but if the bind type is unknown the token # will be rejected. "required" any form of token binding is needed to be # allowed. Finally the name of a binding method that must be present in tokens # (string value) #enforce_token_bind = permissive # DEPRECATED: If true, the revocation list will be checked for cached tokens. # This requires that PKI tokens are configured on the identity server (boolean # value) # This option is deprecated for removal since Ocata. # Its value may be silently ignored in the future. # Reason: PKI token format is no longer supported. #check_revocations_for_cached = false # DEPRECATED: Hash algorithms to use for hashing PKI tokens. This may be a # single algorithm or multiple. The algorithms are those supported by Python # standard hashlib.new(). The hashes will be tried in the order given, so put # the preferred one first for performance. The result of the first hash will be # stored in the cache. This will typically be set to multiple values only while # migrating from a less secure algorithm to a more secure one. Once all the old # tokens are expired this option should be set to a single value for better # performance (list value) # This option is deprecated for removal since Ocata. # Its value may be silently ignored in the future. # Reason: PKI token format is no longer supported. #hash_algorithms = md5 # A choice of roles that must be present in a service token. Service tokens are # allowed to request that an expired token can be used and so this check should # tightly control that only actual services should be sending this token. Roles # here are applied as an ANY check so any role in this list must be present. # For backwards compatibility reasons this currently only affects the # allow_expired check (list value) #service_token_roles = service # For backwards compatibility reasons we must let valid service tokens pass # that don't pass the service_token_roles check as valid. Setting this true # will become the default in a future release and should be enabled if possible # (boolean value) service_token_roles_required = true # Authentication type to load (string value) # Deprecated group/name - [keystone_authtoken]/auth_plugin auth_type = password # Config Section from which to load plugin specific options (string value) #auth_section = [messaging] # # From monasca_api # # # The message queue driver to use # (string value) driver = monasca_api.common.messaging.kafka_publisher:KafkaPublisher # DEPRECATED: # The type of metrics message format to publish to the message queue # (string value) # This option is deprecated for removal since 2.1.0. # Its value may be silently ignored in the future. # Reason: # Option is not used anywhere in the codebase #metrics_message_format = reference # DEPRECATED: # The type of events message format to publish to the message queue # (string value) # This option is deprecated for removal since 2.1.0. # Its value may be silently ignored in the future. # Reason: # Option is not used anywhere in the codebase #events_message_format = reference [oslo_policy] # # From oslo.policy # # This option controls whether or not to enforce scope when evaluating # policies. If ``True``, the scope of the token used in the request is compared # to the ``scope_types`` of the policy being enforced. If the scopes do not # match, an ``InvalidScope`` exception will be raised. If ``False``, a message # will be logged informing operators that policies are being invoked with # mismatching scope (boolean value) #enforce_scope = false # The file that defines policies (string value) #policy_file = policy.yaml # Default rule. Enforced when a requested rule is not found (string value) #policy_default_rule = default # Directories where policy configuration files are stored. They can be relative # to any directory in the search path defined by the config_dir option, or # absolute paths. The file defined by policy_file must exist for these # directories to be searched. Missing or empty directories are ignored (multi # valued) #policy_dirs = policy.d # Content Type to send and receive data for REST based policy check (string # value) # Possible values: # application/x-www-form-urlencoded - # application/json - #remote_content_type = application/x-www-form-urlencoded # server identity verification for REST based policy check (boolean value) #remote_ssl_verify_server_crt = false # Absolute path to ca cert file for REST based policy check (string value) #remote_ssl_ca_crt_file = # Absolute path to client cert for REST based policy check (string value) #remote_ssl_client_crt_file = # Absolute path client key file REST based policy check (string value) #remote_ssl_client_key_file = [repositories] # # From monasca_api # # # The repository driver to use for metrics # (string value) # Advanced Option: intended for advanced users and not used # by the majority of users, and might have a significant # effect on stability and/or performance. {% if DATABASE_BACKEND | lower == 'cassandra' %} metrics_driver = monasca_api.common.repositories.cassandra.metrics_repository:MetricsRepository {% else %} metrics_driver = monasca_api.common.repositories.influxdb.metrics_repository:MetricsRepository {% endif %} # # The repository driver to use for alarm definitions # (string value) # Advanced Option: intended for advanced users and not used # by the majority of users, and might have a significant # effect on stability and/or performance. alarm_definitions_driver = monasca_api.common.repositories.sqla.alarm_definitions_repository:AlarmDefinitionsRepository # # The repository driver to use for alarms # (string value) # Advanced Option: intended for advanced users and not used # by the majority of users, and might have a significant # effect on stability and/or performance. alarms_driver = monasca_api.common.repositories.sqla.alarms_repository:AlarmsRepository # # The repository driver to use for notifications # (string value) # Advanced Option: intended for advanced users and not used # by the majority of users, and might have a significant # effect on stability and/or performance. notifications_driver = monasca_api.common.repositories.sqla.notifications_repository:NotificationsRepository # # The repository driver to use for notifications # (string value) # Advanced Option: intended for advanced users and not used # by the majority of users, and might have a significant # effect on stability and/or performance. notification_method_type_driver = monasca_api.common.repositories.sqla.notification_method_type_repository:NotificationMethodTypeRepository [security] # # From monasca_api # # Roles that are allowed to check the health (list value) #healthcheck_roles = @ # Roles that are allowed to check the versions (list value) #versions_roles = @ # # Roles that are allowed full access to the API # (list value) default_authorized_roles = {{ AUTHORIZED_ROLES | default('admin, domainuser, domainadmin, monasca-user') }} # # Roles that are only allowed to POST to the API # (list value) agent_authorized_roles = {{ AGENT_AUTHORIZED_ROLES | default('monasca-agent') }} # # Roles that are only allowed to GET from the API # (list value) read_only_authorized_roles = {{ READ_ONLY_AUTHORIZED_ROLES | default('monasca-read-only-user') }} # # Roles that are allowed to POST metrics on # behalf of another tenant # (list value) delegate_authorized_roles = {{ DELEGATE_AUTHORIZED_ROLES | default('admin') }}