diff options
author | Ola Aunrønning <olaa@verizonmedia.com> | 2022-03-14 11:57:23 +0100 |
---|---|---|
committer | Ola Aunrønning <olaa@verizonmedia.com> | 2022-03-14 11:58:04 +0100 |
commit | def6d57968bad732ba7f9445bb83f8f1883d9de7 (patch) | |
tree | f672bba3826e2c8dc8dbd2c5ad36da84455706af /controller-api | |
parent | 065053e8efaa6941521e1ec79b7948d34d73d18e (diff) |
Consider effect equality
Diffstat (limited to 'controller-api')
-rw-r--r-- | controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzAccessControlService.java | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzAccessControlService.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzAccessControlService.java index 3a42c0c6535..317229f9e9a 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzAccessControlService.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzAccessControlService.java @@ -165,6 +165,8 @@ public class AthenzAccessControlService implements AccessControlService { private AthenzAssertion getApprovalAssertion(AthenzRole accessRole) { var approverRole = new AthenzRole(accessRole.domain(), "vespa-access-approver"); - return AthenzAssertion.newBuilder(approverRole, accessRole.toResourceName(), "update_members").build(); + return AthenzAssertion.newBuilder(approverRole, accessRole.toResourceName(), "update_members") + .effect(AthenzAssertion.Effect.ALLOW) + .build(); } } |