Difference between revisions of "DynamicPolicies"
(Created page with "= Dynamic Policies =") |
(→Dynamic Policies) |
||
Line 1: | Line 1: | ||
= Dynamic Policies = | = Dynamic Policies = | ||
+ | <big><big><big>''Improving policies''</big></big></big> | ||
+ | |||
+ | |||
+ | == Weekly Meetings == | ||
+ | |||
+ | == Roadmap == | ||
+ | |||
+ | Out-of-band policy management | ||
+ | --------------------------------------------- | ||
+ | |||
+ | Goal: Policies managed via API | ||
+ | Initial source of truth is uploaded from the projects to the policy management server | ||
+ | Policy updates in the policy management server may occur at any time thorugh the API | ||
+ | The latest policy for a given endpoint is fetched/cached by middleware | ||
+ | Middleware stores it in the directory the service is expecting to find it when doing enforcement | ||
+ | |||
+ | |||
+ | Better delegation | ||
+ | --------------------------- | ||
+ | |||
+ | Goal: Improve roles and assignments | ||
+ | Roles would be grouped in sets and possibly defined by domain | ||
+ | As consequence, better default policies will be provided, fixing the bug #968696 (admin anywhere is admin everywhere) |
Revision as of 16:49, 12 June 2015
Dynamic Policies
Improving policies
Weekly Meetings
Roadmap
Out-of-band policy management
Goal: Policies managed via API Initial source of truth is uploaded from the projects to the policy management server Policy updates in the policy management server may occur at any time thorugh the API The latest policy for a given endpoint is fetched/cached by middleware Middleware stores it in the directory the service is expecting to find it when doing enforcement
Better delegation
Goal: Improve roles and assignments Roles would be grouped in sets and possibly defined by domain As consequence, better default policies will be provided, fixing the bug #968696 (admin anywhere is admin everywhere)