Skip to main content

Creating Sample Policy in Cloudentity Platform

Learn how to create sample authorization policies, which you can assign to different execution points to protect access at any level: organization, service (feature), and resource.

Create Policy

  1. In your workspace, navigate to Authorization > Policies > + CREATE POLICY.

  2. In the Create Policy popup window

    1. Select Policy type from the dropdown menu.

      tut_auth_create_poltype.png

      Policy types

      There are a few policy types available in Cloudentity: API request, User, Machine to machine, Developer, Dynamic Client Registration.

    2. Specify Policy name and Display name.

      tut_auth_create_polname.png
    3. Select Cloudentity as Policy language.

      tut_auth_create_pollg.png

      Policy language

      Another type of policies that you can create in Cloudentity is Open Policy Agent (OPA). For instruction on how to create OPA policies, see Create REGO Policy.

    4. Select Create.

      tut_auth_create_poldone.png

      Result: The Cloudentity policy builder opens.

      tut_auth_builder.png

Add Validator

  1. In the policy builder, select the + sign to add a validator.

    tut_auth_add_validator.png
  2. In the Add new validator fly-out view, enter a validator name of your preference into the search field and follow up to the validator setup.

    tut_auth_val_search.png
  3. In the validator view, set up the validator by adding and configuring its fields:

    1. Select the source data context and specify the source value.

    2. Select the operator to define the relationship between the source and the target.

    3. Select the target data context and specify target value.

    4. Select Save to proceed.

    tut_auth_val_config.png
  4. When all the fields for the validators are ready

    1. Select the OK icon to finalize your validator.

      tut_auth_policy_ok.png
    2. Select Save to finalize your new policy.

      tut_auth_policy_save.png

      Result: Your newly-created policy is available in the Policies view.

      tut_auth_policy_ready.png