조건부정책
- SHIELDrive에서 사용되는 조건부정책 타입 정리
조건부정책 사용 케이스
- 스토리지 사용 권한
- 스토리지 파일 전송
- 공유함 사용 권한
- 개인함 파일 공유
조건부정책 key
resource
-
resourceType
- STORAGE
- STORAGE_FILE_TRANSFER
- ENTITY
- ENTITY_SHARE
decisionFactors
enforcementAttributes
-
category
- PRIVILEGE
- FILE_TRANSFER
-
info
-
PRIVILEGE category
move read edit upload msMessageExtension extraction delete download webOffice share appOffice copy shareFolderControl shareFolderInvite shwDownload period
-
FILE_TRANSFER category
FILE_SIZE FILE_TAG UPLOAD_DATE FILE_ID USER_NAME FILE_PATH FILE FILE_NAME URL USER_ACCOUNT FILE_VERSION
-
Sample Data
- STORAGE
{
"name": "test1",
"description": "",
"order": 6,
"conditionOperation": "AND",
"principal": {
"allUser": true,
"userIdList": [],
"groupIdList": [],
"policyGroupIdList": [],
"excludedUserIdList": [],
"excludedGroupIdList": [],
"excludedPolicyGroupIdList": []
},
"enforcementAttributes": [
{
"order": 0,
"category": "PRIVILEGE",
"info": {
"move": "ALLOW_ALL",
"period": "0",
"read": "true",
"edit": "true",
"upload": "true",
"shareFolderInvite": "false",
"msMessageExtension": "true",
"extraction": "true",
"delete": "true",
"shareFolderControl": "false",
"download": "true",
"webOffice": "DENY",
"share": "true",
"appOffice": "true",
"copy": "ALLOW_ALL",
"shwDownload": "false"
}
}
],
"decisionFactors": [
{
"category": "STORAGE",
"targets": [
{
"type": "TYPE",
"use": true,
"operation": "OR",
"info": {
"id": [
"NAS"
]
}
},
{
"type": "RESOURCE",
"use": true,
"operation": "OR",
"info": {
"id": [
"36e767e1577111eea6e75661e2f1166a",
"5de55ad8a1e811edb87f1ab87b8d7925"
]
}
}
]
}
],
"connectedConditionTypes": [],
"condition": {
"ipAddress": {
"sourceIp": [
"2.2.2.2-2.2.2.2",
"102.102.102.120-102.102.102.120"
]
}
},
"excludedCondition": {},
"use": true,
"conditionalPolicyId": "iW7El55u-BbbnlgR7-1IktlowJ-KXIFOFmm",
"insertTime": "2024-03-27 08:12:50",
"updateTime": "2024-03-27 08:12:50",
"resource": {
"clientId": "c56bc1bc-d96c-422f-b947-68101d4a26f2",
"resourceType": "STORAGE",
"resourceId": ""
},
"conditional": true,
"mappedWithConditionInfo": true
}
- STORAGE_FILE_TRANSFER
{
"name": "test1",
"description": "",
"order": 1,
"conditionOperation": "AND",
"principal": {
"allUser": true,
"userIdList": [],
"groupIdList": [],
"policyGroupIdList": [],
"excludedUserIdList": [],
"excludedGroupIdList": [],
"excludedPolicyGroupIdList": []
},
"enforcementAttributes": [
{
"order": 0,
"category": "FILE_TRANSFER",
"info": {
"FILE_SIZE": "FILE_SIZE",
"FILE": "FILE"
}
}
],
"decisionFactors": [
{
"category": "STORAGE",
"targets": [
{
"type": "RESOURCE",
"use": true,
"operation": "OR",
"info": {
"id": [
"36e767e1577111eea6e75661e2f1166a"
]
}
}
]
}
],
"connectedConditionTypes": [],
"condition": {},
"excludedCondition": {},
"use": true,
"conditionalPolicyId": "J0bwYNtt-1utKITn8-d8jDmchS-qCrEIPXg",
"insertTime": "2024-03-27 08:16:31",
"updateTime": "2024-03-27 08:16:31",
"resource": {
"clientId": "c56bc1bc-d96c-422f-b947-68101d4a26f2",
"resourceType": "STORAGE_FILE_TRANSFER",
"resourceId": ""
},
"conditional": true,
"mappedWithConditionInfo": false
}
- ENTITY
{
"name": "common1",
"description": "",
"order": 4,
"conditionOperation": "AND",
"principal": {
"allUser": true,
"userIdList": [],
"groupIdList": [],
"policyGroupIdList": [],
"excludedUserIdList": [],
"excludedGroupIdList": [],
"excludedPolicyGroupIdList": []
},
"enforcementAttributes": [
{
"order": 0,
"category": "PRIVILEGE",
"info": {
"move": "ALLOW_ALL",
"period": "0",
"read": "true",
"edit": "true",
"upload": "true",
"shareFolderInvite": "true",
"msMessageExtension": "true",
"extraction": "true",
"delete": "true",
"shareFolderControl": "true",
"download": "true",
"webOffice": "DENY",
"share": "true",
"appOffice": "true",
"copy": "ALLOW_ALL",
"shwDownload": "true"
}
}
],
"decisionFactors": [
{
"category": "ENTITY",
"targets": [
{
"type": "RESOURCE",
"use": true,
"operation": "OR",
"info": {
"id": [
"74ea3cef900811ee907caa4270550aa7"
]
}
}
]
}
],
"connectedConditionTypes": [],
"condition": {
"dateTimeLessThan": {
"currentDateTime": [
"2024-04-01 15:00:00"
]
}
},
"excludedCondition": {},
"use": true,
"conditionalPolicyId": "N7wCVkwL-iKmachIf-sY68Axd2-05CGuPnn",
"insertTime": "2024-03-27 08:19:25",
"updateTime": "2024-03-27 08:19:25",
"resource": {
"clientId": "c56bc1bc-d96c-422f-b947-68101d4a26f2",
"resourceType": "ENTITY",
"resourceId": ""
},
"conditional": true,
"mappedWithConditionInfo": false
}
- ENTITY_SHARE
{
"name": "test1",
"description": "",
"order": 1,
"conditionOperation": "AND",
"principal": {
"allUser": true,
"userIdList": [],
"groupIdList": [],
"policyGroupIdList": [],
"excludedUserIdList": [],
"excludedGroupIdList": [],
"excludedPolicyGroupIdList": []
},
"enforcementAttributes": [
{
"order": 0,
"category": "PRIVILEGE",
"info": {
"download": "true",
"read": "true",
"edit": "true"
}
}
],
"decisionFactors": [
{
"category": "ENTITY",
"targets": [
{
"type": "RESOURCE",
"use": true,
"operation": "OR",
"info": {
"id": [
"36e767e1577111eea6e75661e2f1166a"
]
}
}
]
}
],
"connectedConditionTypes": [],
"condition": {},
"excludedCondition": {},
"use": true,
"conditionalPolicyId": "ZapHHpeJ-6N2V0BXn-lwPrvUIv-d6B8cd1u",
"insertTime": "2024-03-27 08:18:11",
"updateTime": "2024-03-27 08:18:11",
"resource": {
"clientId": "c56bc1bc-d96c-422f-b947-68101d4a26f2",
"resourceType": "ENTITY_SHARE",
"resourceId": ""
},
"conditional": true,
"mappedWithConditionInfo": false
}