Policy

A Policy is a resource managing page access permissions. This resource can be used in all domains if it is defined in the `repository` microservice.

Package : spaceone.api.repository.v1

Policy

Policy Methods:

Method	Request	Response
create	CreatePolicyRequest	PolicyInfo
update	UpdatePolicyRequest	PolicyInfo
delete	PolicyRequest	google.protobuf.Empty
get	GetRepositoryPolicyRequest	PolicyInfo
list	PolicyQuery	PoliciesInfo
stat	PolicyStatQuery	google.protobuf.Struct

create

POST /repository/v1/policies

Creates a new Policy. The parameter policy_id, an identifier of Policy resources, can only include lowercase alphabets, numbers, and hyphens(-). The parameter permissions is a list type data describing page access permissions.

Type	Message
Request	CreatePolicyRequest
Response	PolicyInfo

Request Example

{
    "policy_id": "policy-custom-full-acess",
    "name": "Full Access",
    "permissions": [
        "*"
    ],
    "labels": [],
    "tags": {},
    "domain_id": "domain-123456789012"
}

Response Example

{
    "policy_id": "policy-custom-full-acess",
    "name": "Full Access",
    "state": "ENABLED",
    "permissions": [
        "*"
    ],
    "labels": [],
    "tags": {},
    "repository_info": {
        "repository_id": "repo-123456789012",
        "name": "Local",
        "repository_type": "local"
    },
    "domain_id": "domain-123456789012",
    "created_at": "2022-01-01T06:45:04.582Z",
    "updated_at": "2022-01-01T06:45:04.582Z"
}

update

PUT /repository/v1/policy/{policy}

Updates a specific Policy. You can make changes in Policy settings, including name, labels, tags, and permissions. The parameter policy_id cannot be updated.

Type	Message
Request	UpdatePolicyRequest
Response	PolicyInfo

Request Example

{
    "policy_id": "policy-custom-full-acess",
    "name": "Full Access",
    "permissions": [
        "*"
    ],
    "labels": [],
    "tags": {},
    "domain_id": "domain-123456789012"
}

Response Example

{
    "policy_id": "policy-custom-full-acess",
    "name": "Full Access",
    "state": "ENABLED",
    "permissions": [
        "*"
    ],
    "labels": [],
    "tags": {},
    "repository_info": {
        "repository_id": "repo-123456789012",
        "name": "Local",
        "repository_type": "local"
    },
    "domain_id": "domain-123456789012",
    "created_at": "2022-01-01T06:45:04.582Z",
    "updated_at": "2022-01-01T06:45:04.582Z"
}

delete

DELETE /repository/v1/policy/{policy}

Deletes a specific Policy. You must specify the policy_id of the Policy to delete, as the policy_id is an identifier of Policy resources.

Type	Message
Request	PolicyRequest
Response	google.protobuf.Empty

Request Example

{
    "policy_id": "policy-123456789012"
}

get

GET /repository/v1/policies/{policy}

Gets a specific Policy. You must specify the policy_id of the Policy to get, as the policy_id is an identifier of Policy resources. You can use the parameter repository_id to limit the scope of the method to a specific Repository.

Type	Message
Request	GetRepositoryPolicyRequest
Response	PolicyInfo

Request Example

{
    "policy_id": "policy-123456789012",
    "repository_id": "repo-123456789012"
}

Response Example

{
    "policy_id": "policy-123456789012",
    "name": "Full Access",
    "state": "ENABLED",
    "permissions": [
        "*"
    ],
    "labels": [],
    "tags": {},
    "repository_info": {
        "repository_id": "repo-123456789012",
        "name": "Local",
        "repository_type": "local"
    },
    "domain_id": "domain-123456789012",
    "created_at": "2022-01-01T15:42:50.943Z",
    "updated_at": "2022-01-01T15:42:50.943Z"
}

list

GET /repository/v1/policies

POST /repository/v1/policies/search

Gets a list of all Policies in a specific Repository. The parameter repository_id is used as an identifier of a Repository to get its list of Policies. You can use a query to get a filtered list of Policies.

Type	Message
Request	PolicyQuery
Response	PoliciesInfo

Request Example

{
    "query": {},
    "repository_id": "repo-123456789012"
}

Response Example

{
    "results": [
        {
            "policy_id": "policy-123456789012",
            "name": "Full Access",
            "state": "ENABLED",
            "permissions": [
                "*"
            ],
            "labels": [],
            "tags": {},
            "repository_info": {
                "repository_id": "repo-123456789012",
                "name": "Local",
                "repository_type": "local"
            },
            "domain_id": "domain-123456789012",
            "created_at": "2022-01-01T15:42:50.943Z",
            "updated_at": "2022-01-01T15:42:50.943Z"
        },
        {
            "policy_id": "policy-987654321098",
            "name": "Identity Admin",
            "state": "ENABLED",
            "permissions": [
                "identity.*"
            ],
            "labels": [],
            "tags": {},
            "repository_info": {
                "repository_id": "repo-123456789012",
                "name": "Local",
                "repository_type": "local"
            },
            "domain_id": "domain-123456789012",
            "created_at": "2022-01-01T08:08:14.756Z",
            "updated_at": "2022-01-01T08:08:14.756Z"
        }
    ],
    "total_count": 2
}

stat

POST /repository/v1/policies/stat

Type	Message
Request	PolicyStatQuery
Response	google.protobuf.Struct

Message

CreatePolicyRequest

Field	Type	Required	Description
name	string	✔
permissions	list of string	✔
policy_id	string	✔
labels	google.protobuf.ListValue	✘
tags	google.protobuf.Struct	✘
project_id	string	✘
domain_id	string	✔

GetRepositoryPolicyRequest

Field	Type	Required	Description
policy_id	string	✔
domain_id	string	✔
repository_id	string	✘
only	list of string	✘

PoliciesInfo

Field	Type	Description
results	list of PolicyInfo	list of PolicyInfo
total_count	int32

PolicyInfo

Field	Type	Description
policy_id	string
name	string
state	NONE ENABLED DISABLED
permissions	list of string	list of permissions
labels	google.protobuf.ListValue	list of labels
tags	google.protobuf.Struct
repository_info	RepositoryInfo
project_id	string
domain_id	string
created_at	string
updated_at	string

PolicyQuery

Field	Type	Required	Description
query	spaceone.api.core.v1.Query	✘
policy_id	string	✘
name	string	✘
project_id	string	✘
repository_id	string	✔
domain_id	string	✔
state	NONE ENABLED DISABLED	✘

PolicyRequest

Field	Type	Required	Description
policy_id	string	✔
domain_id	string	✔

PolicyStatQuery

Field	Type	Required	Description
query	spaceone.api.core.v1.StatisticsQuery	✔
repository_id	string	✔
domain_id	string	✔

UpdatePolicyRequest

Field	Type	Required	Description
policy_id	string	✔
name	string	✘
permissions	list of string	✘
labels	google.protobuf.ListValue	✘
tags	google.protobuf.Struct	✘
domain_id	string	✔