Creating a Security Policy

Add a security policy on the global policy master.

Prerequisites

You must have the permission to create a security policy.

About this task

Security policies can be created on a fabric that is designated as the global policy master.

See Designating a Fabric as Global Policy Master to designate a fabric as the global policy master.

A security policy is a common set of access permissions on the Data Fabric file system that can be assigned to users and/or groups, or to public (all users).

The following permissions can be assigned on files and directories on the Data Fabric file system.
  • Read, write, execute permissions on files
  • Read, lookup, add child directory, delete child directory on directories

A security policy can be assigned to volumes when tagging is allowed.

See Administering Security Policies for details on values for the allow tagging and access control fields for a security policy.

NOTE
When you allow tagging, you can assign the security policy to a volume on the fabric.

Procedure

  1. Log on to the Data Fabric UI.
  2. Select Fabric manager from the dropdown on the Home page.
  3. Click Security Administration seen on the Home page.
  4. Click Create Policy on the Global policies card.
  5. Enter the Name of the security policy.
  6. Enter the Description.
  7. Select the option for Access Control.
  8. Toggle Allow Tagging to allow or disallow tagging.
  9. Click Add access permissions to add access permissions to directories and files for selected users or groups.
  10. To grant permission to all users and groups, turn on the Public toggle. To grant permissions to specific users or groups, turn off the Public toggle, and enter a comma-separated list of users or groups.
  11. Select the permissions to be granted on directories and files to the specified users or groups.
  12. Click Add.
  13. Click Create.

Results

The security policy is created and is displayed on the Global Policies card for the fabric.
Related maprcli Commands
To implement the features described on this page, the Data Fabric UI relies on the following maprcli command. The command is provided for general reference. For more information, see maprcli Commands in This Guide.