Last active
November 17, 2016 09:55
-
-
Save james-nesbitt/8a5e59b93187c9bbda8ae00083cb64cd to your computer and use it in GitHub Desktop.
kraut security proposal: sequential rules approach
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - Operation: monitor.* | |
| Property: | |
| security.user.role: | |
| - authenticated | |
| - Operation: upcloud.destroy | |
| Property: | |
| security.user.name: | |
| - jamesnesbitt | |
| - jannekoponen | |
| upcloud.server.uuid: | |
| - AAAAAA-AAAAAAA-AAAAAAA | |
| - Operation: upcloud.* | |
| Property: | |
| security.user.role: | |
| - admin | |
| # Demo to show more options | |
| - Id: production.wkfi.demo_operation | |
| Message: User {security.user.name} is not allowed to demo {demo.property.one} | |
| Operation: demo.operation | |
| Authorize: Deny # Default is Allow | |
| Aggregate: OR # Default is AND | |
| Property: | |
| demo.property.one: | |
| - value1 | |
| - value2 | |
| demo.property.two: | |
| - value3 | |
| - value4 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment