EIM Policy Grammar
This topic explains the grammar for EIM policy documents, based on JSON format and composed of different elements specifying EIM identities and the actions that the permissions relate to.
Policy Documents Language
Policy documents are written in JSON. The following table presents the different characters used in policy documents, that are part of JSON basic rules:
| Character | Character Name | User |
|---|---|---|
Whitespace |
To separate individual entities. |
|
" " |
Quotation marks |
To enclose values (optional for numeric and boolean values). |
{ } |
Braces |
To enclose JSON blocks containing key-value elements. |
[ ] |
Square brackets |
To specify a JSON array as an element value. Arrays let you specify one or more values for a same element (if the element supports it). |
, |
Comma |
To separate values in a JSON array or to separate JSON blocks. |
Policy General Grammar
Permissions are declared in policy documents, that contain one or more individual statements defining the permissions in terms of actions. To define permissions contained in a policy, you must set the policy-document attribute as in the following format:
|
EIM policies are case sensitive. All elements must start with an upper-case letter. |
{"Statement":[
{
"Action":["xxx","yyy"],
"Effect":"allow",
"Resource":["*"],
},
{
"Action":["xxx","yyy"],
"Effect":"deny",
"Resource":["*"]
}
]
}For more information about the different policy document elements, see EIM Policy Elements.
Related Pages