๐Ÿ’ปCreating and using Roles

For a demo example of following steps, here is the policy timestamp: 1675164531.823309003

User roles usage in Policies

An example of creating and using Roles in Policy

  1. Switch to the Roles tab

  1. Create 2 new roles called โ€˜Example role 1โ€™ and โ€˜Example role 2โ€™

  1. In the root container create 4 more โ€™interfaceContainerBlockโ€™ container called โ€˜no_roleโ€™, โ€˜ownerโ€™, โ€˜role_1โ€™ and โ€˜role_2โ€™

Note: By default all containers would have โ€˜Any Roleโ€™ set and thus they would be visible to all users (with all roles)

  1. Change the โ€˜Permissionsโ€™ properties in each container in the following way:

  • no_role: No Role

  • owner: Owner

  • role_1: Example role 1

  • role_2: Example role 2

This would result in the following visibility of containers:

  • The first container (called โ€™no roleโ€™) would be visible only to new users which have no role assigned to them

  • The โ€˜ownerโ€™ container would be visible only to the Standard Registry which created (or imported) this policy

  • The โ€˜role 1โ€™ container would be visible only to users with โ€˜Example role 1โ€™

  • The โ€˜role 2โ€™ container would be visible only to users with โ€˜Example role 2โ€™

  1. Add a โ€˜policyRolesBlockโ€™ to the โ€˜no_roleโ€™ container and name it โ€˜choose_roleโ€™

Since this block is located inside the container โ€˜no_roleโ€™ which has โ€˜No roleโ€™ permission setting it would only be visible to new users without an assigned role.

  1. The โ€˜Available Rolesโ€™ property allows to configure which roles would be available to users to chose from at this stage of the Policy workflow

Select โ€˜Example role 1โ€™ and โ€˜Example role 2โ€™

  1. Add โ€˜informationBlockโ€™ to other containers just to display results


  1. New users would end up on the policy choice form upon entering the policy

  1. After the selection of the role users would see only 1 container corresponding to their roles

  1. The owner of the Policy (the Standard Registry user) upon executing the policy would skip the role selection form and would immediately end-up in the corresponding container

Last updated