Versions Compared

Old Version 9

changes.mady.by.user Min Chen

Saved on

compared with

New Version 10

changes.mady.by.user Min Chen

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Policy is a set of permission. Customer should be able to attach several policies to a Group to define the permission for that group. By default, resource owner should have all the permissions to his/her owned resources. we have the following 3 types of policy templates:

  1. Root Admin Policy: have permissions to all resources in the CloudStack.
  2. Domain Admin Policy: have permissions to all resources under the belonging domain.
  3. Resource Owner Policy: have permissions to all owned resources.
    Other than that, customer should be able to define

...

  1. customized policies by grant or deny permission

...

  1. to customize permissions for the group. So far, for cross-account permission grant, we are currently supporting the following 3 types of granting/denying:
  • Grant by Domain and Resource Type: grant permissions to all resources of the given resource type under the given domain.
  • Grant by Account and Resource Type: grant permissions to all resources of the given resource type under the given account.
  • Grant by individual resource: grant permission to an individual resource.