womax/nova
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
45cdc1903b23646dcd8b1d4b23cfbb3ba62c8c4a
nova/doc/source/cli/nova-policy.rst
T
Sean Mooney 02d72b9d56 Remove nova debugger functionality 
The nova debuger functionality was intended
to help debugging running process however it has
never been reliable due to our use of eventlet and is generally
not required when not using eventlet. I.e. you can just
run the nova console-scripts form a debugger or add pdb
statements as required.

As part of the eventlet removal the debugger functionality is
removed given its untested and undocumented.

Change-Id: I7bf88f06f3d1dbd2c7e342b27a21440a123c631d
2025-04-25 14:37:44 +02:00

91 lines
2.0 KiB
ReStructuredText
Raw Blame History

===========
nova-policy
===========
.. program:: nova-policy
Synopsis
========
::
nova-policy [<options>...]
Description
===========
:program:`nova-policy` is a tool that allows for inspection of policy file
configuration. It provides a way to identify the actions available for a user.
It does not require a running deployment: validation runs against the policy
files typically located at ``/etc/nova/policy.yaml`` and in the
``/etc/nova/policy.d`` directory. These paths are configurable via the
``[oslo_config] policy_file`` and ``[oslo_config] policy_dirs`` configuration
options, respectively.
Options
=======
.. rubric:: General options
.. include:: opts/common.rst
.. rubric:: User options
.. option:: --os-roles <auth-roles>
Defaults to ``$OS_ROLES``.
.. option:: --os-tenant-id <auth-tenant-id>
Defaults to ``$OS_TENANT_ID``.
.. option:: --os-user-id <auth-user-id>
Defaults to ``$OS_USER_ID``.
Commands
========
policy check
------------
::
nova-policy policy check [-h] [--api-name <name>]
[--target <target> [<target>...]
Prints all passing policy rules for the given user.
.. rubric:: Options
.. option:: --api-name <name>
Return only the passing policy rules containing the given API name.
If unspecified, all passing policy rules will be returned.
.. option:: --target <target> [<target>...]
The target(s) against which the policy rule authorization will be tested.
The available targets are: ``project_id``, ``user_id``, ``quota_class``,
``availability_zone``, ``instance_id``.
When ``instance_id`` is used, the other targets will be overwritten.
If unspecified, the given user will be considered as the target.
Files
=====
* ``/etc/nova/nova.conf``
* ``/etc/nova/policy.yaml``
* ``/etc/nova/policy.d/``
See Also
========
:doc:`nova-manage(1) <nova-manage>`,
:doc:`nova-status(1) <nova-status>`
Bugs
====
* Nova bugs are managed at `Launchpad <https://bugs.launchpad.net/nova>`__
Reference in New Issue View Git Blame Copy Permalink