Resolved Policy Rules

Invoke the resolve-policy-rules operation

Shows the combined set of policy rules resulting from all policies associated with the current token.

SecurityaccessToken

Request

Request Body schema:
application/yaml

token

string

Optionally provide a token as argument. Will default to curren token.

Responses

200

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

503

Service Unavailable (strongbox sealed)

post/v1/resolve-policy-rules

Request samples

Payload

token: aa1ddebf-0c91-4625-8994-303edb68a06c

Response samples

rest-api:
  rules:
    - path: /**
      description: Allow access to everything.
      operations:
        all: allow
    - path: /v1/*/strongbox/identity/**
      description: Prevent user from modifying own or others credentials.
      operations:
        all: reject
    - path: /v1/*/policy/policies/**
      description: Prevent user from modifying policy rules.
      operations:
        create: reject
        read: allow
        update: reject
        delete: reject
        execute: reject
    - path: /v1/*/strongbox/token/create-root
      description: Prevent user from creating root token
      operations:
        all: reject
    - path: /v1/*/strongbox/token/disable
      description: Prevent user from disabling others tokens.
      operations:
        all: reject
    - path: /v1/*/strongbox/transit-keys/infra/**
      description: Prevent access to infra transit keys.
      operations:
        all: reject
capabilities:
  all: allow
volga:
  topics:
    - name: "*"
      operations:
        create: reject
        delete: reject
        produce: reject
        consume: allow
  infras:
    - name: "*"
      operations:
        produce: reject
        consume: allow

➔ Next to Site Allocations

Resolved Policy Rules

Invoke the resolve-policy-rules operation

Request Body schema: application/yamlapplication/jsonapplication/yaml

Request Body schema:
application/yaml