60 lines
1.5 KiB
Plaintext
60 lines
1.5 KiB
Plaintext
# Full read/write API access
|
|
#"is_admin": "role:admin or role:administrator or role:baremetal_admin"
|
|
|
|
# Read-only API access
|
|
#"is_observer": "role:baremetal_observer"
|
|
|
|
# Internal flag for public API routes
|
|
#"public_api": "is_public_api:True"
|
|
|
|
# Default API access policy
|
|
#"default": "!"
|
|
|
|
# Access the API root for available versions information
|
|
# GET /
|
|
#"introspection": "rule:public_api"
|
|
|
|
# Access the versioned API root for version information
|
|
# GET /{version}
|
|
#"introspection:version": "rule:public_api"
|
|
|
|
# Ramdisk callback to continue introspection
|
|
# POST /continue
|
|
#"introspection:continue": "rule:public_api"
|
|
|
|
# Get introspection status
|
|
# GET /introspection
|
|
# GET /introspection/{node_id}
|
|
#"introspection:status": "rule:is_admin or rule:is_observer"
|
|
|
|
# Start introspection
|
|
# POST /introspection/{node_id}
|
|
#"introspection:start": "rule:is_admin"
|
|
|
|
# Abort introspection
|
|
# POST /introspection/{node_id}/abort
|
|
#"introspection:abort": "rule:is_admin"
|
|
|
|
# Get introspection data
|
|
# GET /introspection/{node_id}/data
|
|
#"introspection:data": "rule:is_admin"
|
|
|
|
# Reapply introspection on stored data
|
|
# POST /introspection/{node_id}/data/unprocessed
|
|
#"introspection:reapply": "rule:is_admin"
|
|
|
|
# Get introspection rule(s)
|
|
# GET /rules
|
|
# GET /rules/{rule_id}
|
|
#"introspection:rule:get": "rule:is_admin"
|
|
|
|
# Delete introspection rule(s)
|
|
# DELETE /rules
|
|
# DELETE /rules/{rule_id}
|
|
#"introspection:rule:delete": "rule:is_admin"
|
|
|
|
# Create introspection rule
|
|
# POST /rules
|
|
#"introspection:rule:create": "rule:is_admin"
|
|
|