Skip to main content

otdfctl policy actions

actions - Manage Actions

Synopsis

otdfctl policy actions

Description

Actions are a set of standard and custom verbs at the core of an Access Decision or an Obligation. In the context of an entitlement decision, adding Actions to Subject Mappings answers "what can an Entity do to a Resource?"

Standard Actions in Policy are comprised of the below, and only their metadata labels are mutable:

  • create
  • read (considered within all TDF decrypt flows)
  • update
  • delete

Custom Actions known to Policy are admin-defined, globally unique (not namespaced), and will be lower cased when stored. They may contain underscores (_) or hyphens (-) if preceded or followed by an alphanumeric character. For example:

  • download
  • queue-to-print
  • send_email

For more information about entitlement and Subject Mappings, see the subject-mappings command.

Aliases

action