mssun
commented
1 year ago Yes, ACS is designed to be the service to evaluate the access control policy. Using a dedicated service makes the policy evaluation more flexible. However, we didn't have time to integrate with the current ACS. In the current implementation, access control policy is hard coded in the management service.
henrysun007
Although documented in README, the acs is actually not used by management service in the implementation. Why? Do you have any potential improvement towards the acs? Please provide some background information. Thanks.