Skip to main content

Example Dynamic role PEP

Dynamic role Enforcement Point

Policy set

We define a policy set that will apply to users who have been assigned a specific role. 

image-1628145441657.png

That policy set has three policies, one for each operation that we want to manage.

image-1628145277766.png

Policies

We can define a policy for each operation, to permit or deny access

PolicyPolicy1

We define a policy to permit or deny access to query users.

image-1628168453264.png

Rules

&&TODO&& sustituir la imagen cuando se arregle el label de Attribute selector

 That rule allow to the end-user to query users who belong to the same primary group that the end-user.

image-1628168609195.png

That rule denies access to query users

image-1628168675390.png

RulesPolicy2

 image-1628168823291.png

Rules

 image-1628168865703.png

 

Download XML

 You can download a XML file with the example: policy-TestDynamicPEP.xml