diff options
author | Lance Bragstad <lbragstad@gmail.com> | 2020-07-20 09:15:42 -0500 |
---|---|---|
committer | Lance Bragstad <lbragstad@gmail.com> | 2020-07-20 09:15:42 -0500 |
commit | 884a4ea46153aa16fae0dc40cd271b081f9404f5 (patch) | |
tree | 3b40a388606254355902adc7bb7f44556092b997 | |
parent | cab28649c689067970a51a2f9b329bdd6a0f0501 (diff) | |
download | oslo-policy-884a4ea46153aa16fae0dc40cd271b081f9404f5.tar.gz |
Clarify what exactly an "access file" is
The definition of an "access" file is very vague, but oslopolicy-checker
expects it to be a token response body from keystone. If you don't pass
a token response explicitly, oslopolicy-checker will fail.
Change-Id: I5362fabb0344b67996367382dbc173eeaf39b06b
-rw-r--r-- | doc/source/cli/oslopolicy-checker.rst | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/doc/source/cli/oslopolicy-checker.rst b/doc/source/cli/oslopolicy-checker.rst index b72354f..bb4fee1 100644 --- a/doc/source/cli/oslopolicy-checker.rst +++ b/doc/source/cli/oslopolicy-checker.rst @@ -19,7 +19,9 @@ Description ----------- The ``oslopolicy-policy-generator`` command can be used to check policy against -the OpenStack Identity API access information. +the OpenStack Identity API access information. The access information is a +keystone token response from keystone's `authentication API +<https://docs.openstack.org/api-ref/identity/v3/#password-authentication-with-scoped-authorization>`_. Options ------- @@ -28,8 +30,8 @@ Options .. option:: --access ACCESS - Path to a file containing OpenStack Identity API access info in JSON - format. + Path to a file containing an OpenStack Identity API token response body in + JSON format. .. option:: --enforcer_config ENFORCER_CONFIG |