Creating a Security Policy
Add a security policy on the global policy master.
Prerequisites
About this task
Security policies can be created on a fabric that is designated as the global policy master.
See Designating a Fabric as Global Policy Master to designate a fabric as the global policy master.
A security policy is a common set of access permissions on the Data Fabric file system that can be assigned to users and/or groups, or to public (all users).
The following permissions can be assigned on files and directories on the Data Fabric
file system.
- Read, write, execute permissions on files
- Read, lookup, add child directory, delete child directory on directories
A security policy can be assigned to volumes when tagging is allowed.
See Administering Security Policies for details on values for the
allow tagging
and access control
fields for a
security policy.
NOTE
When you allow tagging, you can assign the security policy to a volume on the
fabric.Procedure
- Log on to the Data Fabric UI.
- Select Fabric manager from the dropdown on the Home page.
- Click Security Administration seen on the Home page.
- Click Create Policy on the Global policies card.
- Enter the Name of the security policy.
- Enter the Description.
- Select the option for Access Control.
- Toggle Allow Tagging to allow or disallow tagging.
- Click Add access permissions to add access permissions to directories and files for selected users or groups.
- To grant permission to all users and groups, turn on the Public toggle. To grant permissions to specific users or groups, turn off the Public toggle, and enter a comma-separated list of users or groups.
- Select the permissions to be granted on directories and files to the specified users or groups.
- Click Add.
- Click Create.
Results
Related maprcli Commands
To implement the features described on this page, the
Data Fabric UI relies on the following
maprcli
command. The
command is provided for general reference. For more information, see maprcli Commands in This Guide.