Skip to content

Instantly share code, notes, and snippets.

@kgilpin kgilpin/basic-org.rb
Last active Aug 29, 2015

Embed
What would you like to do?
Conjur Policy - Basic Organization
test_layer = nil
group "security_admin" do
owns do
scope "v1" do
ops = group "ops" do
owns do
test_layer = layer "test"
layer "production"
end
end
build = group "build" owns do
add_member ops
owns do
layer "build"
end
end
developers = group "developers" do
add_member ops
add_member build
owns do
layer "development"
end
end
# Enable developers to use, but not admin, the test resources
test_layer.add_member "use_host", developers
group "everyone" do
add_member ops
add_member build
add_member developers
owns do
layer "sandbox"
end
end
end
end
end
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.