Conversation
Codecov Report
@@ Coverage Diff @@
## master #334 +/- ##
=======================================
Coverage 88.11% 88.11%
=======================================
Files 19 19
Lines 1943 1943
=======================================
Hits 1712 1712
Misses 231 231Continue to review full report at Codecov.
|
xbrianh
left a comment
xbrianh
left a comment
There was a problem hiding this comment.
Approving, but see language nits
|
|
||
| `account-id` to the deployment stage. The field **resourcetype** can optionally be the name of a resource type defined | ||
| in fusillade. If `resourcetype` matches a resource type defined in fusillade then a resource policy will be used | ||
| evaluating the users access. All other fields can be used as needed or use \* for wild cards. Resource names are |
There was a problem hiding this comment.
s/will be used evaluating the user access/will be used to evaluate user access/
|
|
||
| #### Resource ACL | ||
| A new resource type is created by providing the name of the resource type, and the actions that can be performed on it. | ||
| Once a resource type is created you can store specific ids of the resource you'd like to control. A principal only has |
There was a problem hiding this comment.
created you can store specific ids of the resource you'd like to control
To be consistent, s/ids/IDs/
There was a problem hiding this comment.
will change to resource_id
| Once a resource type is created you can store specific ids of the resource you'd like to control. A principal only has | ||
| access to resource they are give access to, either directly or through group membership. The creator of a resource ID is | ||
| automatically designated as the owner of the resource. The owner of a resource can add additional owners, and assign | ||
| access levels to their resource. The different levels of access are defined by access policies associated with a |
There was a problem hiding this comment.
The different levels of access are defined by access policies associated
s/The different/Different
| access levels to their resource. The different levels of access are defined by access policies associated with a | ||
| resource type. New access policies can be defined for a resource type after the resource type has been created. All | ||
| resources of that type share the same access policies and can only be assigned access policies that have already been | ||
| defined. Access policies can only define policies that use actions supported by that resource type. Actions can be |
There was a problem hiding this comment.
All resources of that type share the same access policies and can only be assigned access policies that have already been defined.
Trying to understand the implications of this sentence. Suppose I have two resources of type "foo," A and B. Is it impossible to assign different policies to A and B?
Alternatively, is there a pool of resource policies associated with "foo", and the policies attached to A and B must come from that pool?
There was a problem hiding this comment.
The later. I'll change the description
3 participants
No description provided.