Versions Compared

Old Version 27

changes.mady.by.user Prachi Damle

Saved on

compared with

New Version 28

changes.mady.by.user Prachi Damle

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • removeAclPermissionFromAclPolicy
    1. String id - UUID of the ACL policy. Required
    2. List<String> permission Ids - comma separated list of permission ids that are going to be removed from the acl policy

IAM Interface

CloudStack currently has a domain-tree based implementation of access checks, namely com.cloud.acl.DomainChecker. This implementation is based on the an adapter interface of Cloudstack - org.apache.cloudstack.acl.SecurityChecker that defines the basic ACL interface to check ownership and access control to objects within the account/ domain.

The IAM plugin will provide another implementation of the SecurityChecker intrerface. We will also have to add to this interface some more methods or change some signatures to facilitate policy and Action based access control.