Example 2: Read only / write¶
Here we want all users to have only the ability to execute read only commands whereas the administrators will have access the write commands too. Anonymous users cannot do anything.
---
- description: Admins can do everything.
Authenticated users are restricted to read-only actions.
Anonymous users cannot do anything.
hosts:
- +.*
default: ReadOnly
policies:
- members:
- administrators
rules:
any:
Allow:
- members:
- anonymous
rules:
any:
Deny:
...
---
anonymous:
- Anonymous
administrators:
- rda
- mal
...