Keystone policy module, states and grain

commit: b1ebaca0af2b06ec81a4f84be2ec3765f9868f29 [log] [tgz]
author: Adam Tengler <adam.tengler@tcpcloud.eu> Thu May 04 21:06:08 2017 +0000
committer: Adam Tengler <adam.tengler@tcpcloud.eu> Tue May 09 12:19:10 2017 +0000
tree: b64d5d0cf5b93e3bbfae221928dfeed83b779a72
parent: cf7a8c8842ac101983f36234d70865e7ed32e445 [diff] [blame]
diff --git a/README.rst b/README.rst
index 257037d..6f9326e 100644
--- a/README.rst
+++ b/README.rst

@@ -86,6 +86,17 @@
             admin_address: 10.0.0.20
             admin_port: 8774
 
+Keystone with custom policies. Keys with specified rules are created or set to this value if they already exists. Keys with no value (like our "existing_rule") are deleted from the policy file.
+
+.. code-block:: yaml
+
+    keystone:
+      server:
+        enabled: true
+        policy:
+          new_rule: "rule:admin_required"
+          existing_rule:
+
 Keystone memcached storage for tokens
 
 .. code-block:: yaml
commit	b1ebaca0af2b06ec81a4f84be2ec3765f9868f29	[log] [tgz]
author	Adam Tengler <adam.tengler@tcpcloud.eu>	Thu May 04 21:06:08 2017 +0000
committer	Adam Tengler <adam.tengler@tcpcloud.eu>	Tue May 09 12:19:10 2017 +0000
tree	b64d5d0cf5b93e3bbfae221928dfeed83b779a72
parent	cf7a8c8842ac101983f36234d70865e7ed32e445 [diff] [blame]