Difference between revisions of "Barbican/Policy"
< Barbican
Line 25: | Line 25: | ||
| DELETE || || || x || || || || || key_manager:delete_secrets | | DELETE || || || x || || || || || key_manager:delete_secrets | ||
|- | |- | ||
− | | rowspan="4" | /v1/secrets/{secret-id}/acl || GET | + | | rowspan="4" | /v1/secrets/{secret-id}/acl || GET || x || x || x || || || || || key_manager:get_acl |
|- | |- | ||
− | | PATCH | + | | PATCH || || x || x || || || || || key_manager:manage_acl |
|- | |- | ||
− | | PUT | + | | PUT || || x || x || || || || || key_manager:manage_acl |
|- | |- | ||
− | | DELETE | + | | DELETE || || x || x || || || || || key_manager:manage_acl |
|- | |- | ||
− | | rowspan="3" | /v1/secrets/{secret-id}/metadata || GET | + | | rowspan="3" | /v1/secrets/{secret-id}/metadata || GET || x || x || x || || || || || key_manager:get_secret_meta |
|- | |- | ||
− | | PUT | + | | PUT || || x || x || || || || || key_manager:store_secrets |
|- | |- | ||
− | | POST | + | | POST || || x || x || || || || || key_manager:store_secrets |
|- | |- | ||
| rowspan="3" | /v1/secrets/{secret-id}/metadata/{meta-key} || GET | | rowspan="3" | /v1/secrets/{secret-id}/metadata/{meta-key} || GET | ||
Line 108: | Line 108: | ||
|- | |- | ||
|} | |} | ||
+ | |||
+ | * key_manager:manage_acl | ||
+ | ** (dmendiza) Is this too broad? | ||
+ | ** (dmendiza) Should we have separate ''key_manager:(secret|order)_manage_acl''? | ||
+ | ** (dmendiza) Should '''member''' be allowed to manage ACL? Would private secrets break if we don't? Are private secrets really private it we do? | ||
+ | ** (dmendiza) Is there a way to reference the User by ID to introduce the concept of a secret owner into this policy? | ||
+ | * key_manager:store_secret | ||
+ | ** (dmendiza) Is it ok to use this for adding metadata to a secret? I think it is. |
Revision as of 00:38, 14 June 2018
Project-scope | System-scope | ||||||||
---|---|---|---|---|---|---|---|---|---|
Route | Method | reader | member | admin | reader | member | admin | no auth | Tag |
/ | GET | x | x | x | x | x | x | x | key_manager:get_home |
/v1 | GET | x | x | x | x | x | x | key_manager:get_v1 | |
/v1/secrets | GET | x | x | x | key_manager:list_secrets | ||||
POST | x | x | key_manager:store_secrets | ||||||
/v1/secrets/{secret-id} | GET Accept:application/json | x | x | x | key_manager:get_secret_meta | ||||
DEPRECATED
GET Accept:{secret-mime} |
x | x | key_manager:decrypt_secrets | ||||||
PUT | x | x | key_manager:store_secrets | ||||||
DELETE | x | key_manager:delete_secrets | |||||||
/v1/secrets/{secret-id}/acl | GET | x | x | x | key_manager:get_acl | ||||
PATCH | x | x | key_manager:manage_acl | ||||||
PUT | x | x | key_manager:manage_acl | ||||||
DELETE | x | x | key_manager:manage_acl | ||||||
/v1/secrets/{secret-id}/metadata | GET | x | x | x | key_manager:get_secret_meta | ||||
PUT | x | x | key_manager:store_secrets | ||||||
POST | x | x | key_manager:store_secrets | ||||||
/v1/secrets/{secret-id}/metadata/{meta-key} | GET | ||||||||
PUT | |||||||||
DELETE | |||||||||
/v1/secrets/{secret-id}/payload | GET | ||||||||
/v1/transport_keys | GET | ||||||||
POST | |||||||||
/v1/transport_keys/{key-id} | GET | ||||||||
DELETE | |||||||||
/v1/containers | GET | ||||||||
POST | |||||||||
/v1/containers/{container-id} | GET | ||||||||
DELETE | |||||||||
/v1/containers/{container-id}/acl | GET | ||||||||
PATCH | |||||||||
PUT | |||||||||
DELETE | |||||||||
/v1/containers/{container-id}/consumers | GET | ||||||||
/v1/containers/{container-id}/secrets | POST | ||||||||
DELETE | |||||||||
/v1/secret-stores | GET | ||||||||
/v1/secret-stores/{ss-id} | GET | ||||||||
/v1/secret-stores/{ss-id}/preferred | POST | ||||||||
DELETE | |||||||||
/v1/quotas | GET | ||||||||
/v1/project-quotas | GET | ||||||||
/v1/project-quotas/{project-id} | GET | ||||||||
PUT | |||||||||
DELETE | |||||||||
DEPRECATED - To be removed in P | |||||||||
/v1/orders | GET | ||||||||
PUT | |||||||||
POST | |||||||||
/v1/orders/{order-id} | GET | ||||||||
DELETE |
- key_manager:manage_acl
- (dmendiza) Is this too broad?
- (dmendiza) Should we have separate key_manager:(secret|order)_manage_acl?
- (dmendiza) Should member be allowed to manage ACL? Would private secrets break if we don't? Are private secrets really private it we do?
- (dmendiza) Is there a way to reference the User by ID to introduce the concept of a secret owner into this policy?
- key_manager:store_secret
- (dmendiza) Is it ok to use this for adding metadata to a secret? I think it is.