keycloak-scim/authorization_services/topics/permission-create-resource.adoc

53 lines
1.8 KiB
Text
Raw Normal View History

2016-11-29 15:30:53 +00:00
[[_permission_create_resource]]
= Creating resource-based permission
A resource-based permission defines a set of one or more resources to protect using a set of one or more authorization policies.
2016-06-05 22:17:31 +00:00
ifeval::[{project_community}==true]
To create a new resource-based permission, select *Create resource-based permission* from the *Create permission* dropdown.
endif::[]
ifeval::[{project_product}==true]
To create a new resource-based permission, select *Resource-based* in the item list in the upper right corner of the permission listing.
endif::[]
.Add Resource Permission
image:{project_images}/permission/create-resource.png[alt="Add Resource Permission"]
== Configuration
2016-06-05 22:17:31 +00:00
* *Name*
+
A human-readable and unique string describing the permission. A best practice is to use names that are closely related to your business and security requirements, so you
can identify them more easily.
2016-06-05 22:17:31 +00:00
+
* *Description*
+
A string containing details about this permission.
2016-07-26 21:34:49 +00:00
2016-11-29 15:30:53 +00:00
[[_permission_create_resource_apply_resource_type]]
2016-06-05 22:17:31 +00:00
* *Apply To Resource Type*
+
Specifies if the permission is applied to all resources with a given type. When selecting this field, you are prompted to enter the resource type to protect.
2016-06-05 22:17:31 +00:00
+
** Resource Type
+
Defines the resource type to protect. When defined, this permission is evaluated for all resources matching that type.
2016-06-05 22:17:31 +00:00
+
* *Resources*
+
Defines a set of one or more resources to protect.
2016-06-05 22:17:31 +00:00
ifeval::[{project_community}==true]
* *Policy*
endif::[]
ifeval::[{project_product}==true]
2016-06-05 22:17:31 +00:00
* *Apply Policy*
endif::[]
2016-06-05 22:17:31 +00:00
+
Defines a set of one or more policies to associate with a permission. To associate a policy you can either select an existing policy
or create a new one by selecting the type of the policy you want to create.
2016-06-05 22:17:31 +00:00
* *Decision Strategy*
+
The <<_permission_decision_strategies, Decision Strategy>> for this permission.