json.schema.entity.policies.accessControl.rule.json Maven / Gradle / Ivy
{
"$id": "https://open-metadata.org/schema/entity/policies/accessControl/rule.json",
"$schema": "http://json-schema.org/draft-07/schema#",
"title": "Rule",
"description": "Describes an Access Control Rule for OpenMetadata Metadata Operations. All non-null user (subject) and entity (object) attributes are evaluated with logical AND.",
"type": "object",
"javaType": "org.openmetadata.schema.entity.policies.accessControl.Rule",
"properties": {
"name": {
"description": "Name of this Rule.",
"type": "string"
},
"fullyQualifiedName": {
"description": "FullyQualifiedName in the form `policyName.ruleName`.",
"$ref": "../../../type/basic.json#/definitions/fullyQualifiedEntityName"
},
"description" : {
"description": "Description of the rule.",
"$ref": "../../../type/basic.json#/definitions/markdown"
},
"effect" : {
"type" : "string",
"enum" : [
"allow",
"deny"
]
},
"operations" : {
"description": "List of operation names related to the `resources`. Use `*` to include all the operations.",
"type" : "array",
"items" : {
"$ref": "resourceDescriptor.json#/definitions/operation"
},
"default" : null
},
"resources": {
"description": "Resources/objects related to this rule. Resources are typically `entityTypes` such as `table`, `database`, etc. It also includes `non-entityType` resources such as `lineage`. Use `*` to include all the resources.",
"type": "array",
"items": {
"type" : "string"
},
"default" : null
},
"condition" : {
"description": "Expression in SpEL used for matching of a `Rule` based on entity, resource, and environmental attributes.",
"$ref" : "../../../type/basic.json#/definitions/expression"
}
},
"required": ["name", "effect", "operations", "resources"],
"additionalProperties": false
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy