Skip to main content

Policy set

Description

"A PolicySet is a container that can hold other Policies or PolicySets, as well as references to policies found in remote locations".

Every PolicySet contains one Target. Target contains the subjects, resources, actions and environments where the policy set will be applied. A target can contain more than one subject, environment, resource or action or none of them.

 

Policy Set can be exported to an XML file by clicking on Export button. The file will contain the Policy Set Target and all the elements included in it, like other PolicySets, Policies or References.

It is possible to create a new version for a PolicySet by clicking on 'Add new version'. That will copy all PolicySet elements on the tree with the following version number.

Related objects

Custom attributes

Policy set

  • Identifier: identify the policy set.
  • Version: version of the policy set.
  • Description: brief description of the policy set.
  • Policy Combining Algorithm: determines how the different Policies in the PolicySet will be applied.
    • Deny overrides.
    • Permit overrides.
    • First applicable.
    • Only one applicable.
    • Ordered deny overrides.
    • Ordered permit overrides.

Target

Target contains the subjects, resources, actions, and environments where the policy set will be applied. A target can contains more than one subject, environment, resource or action or none of them.

Subjects

Resources

Actions

Environments

Obligations

 

obligation or advice expressions

 

Actions

 

 

https://www.oasis-open.org/committees/download.php/2713/Brief_Introduction_to_XACML.html

 

Back to top