Hi All,
Could you please describe meaning of the "Recursive" attribute of policy
resource?
I've created a service with some resources configured hierarchically,
the "cluster" resource is configured as a parent for all other resources.
Then, I've created a policy including only "cluster" resource having any
name ('*' wildcard) with only "READ" access type allowed.
The "Recursive" attribute on the policy's resource is enabled by default
and in my system I see that "READ" access is allowed for all clusters
and all their child resources.
But, if the "Recursive" attribute is turned off, nothing is changed in
my system - "READ" access still allowed for clusters and child resources.
I expected that accesses allowed for the parent resource will be
disallowed for child resources after turning off the "Recursive"
attribute, but they weren't.
Could you please tell what exactly happens after the "Recursive"
attribute is enabled or disabled?
Thank you in advance!
Best regards.
