Rule¶
Keys
Leafs
-
class
Nacm.RuleList.Rule¶ Bases:
EntityClass Hierarchy:
NacmRuleListRuleThis class represents configuration data.
One access control rule.
Rules are processed in user-defined order until a match is
found. A rule matches if ‘module-name’, ‘rule-type’, and
‘access-operations’ match the request. If a rule
matches, the ‘action’ leaf determines if access is granted
or not.
-
name(key)¶ Arbitrary name assigned to the rule
type: str
length: 1..18446744073709551615
-
module_name¶ Name of the module associated with this rule. This leaf matches if it has the value ‘*’ or if the object being accessed is defined in the module with the specified module name
type: union of the below types:
type: str
pattern: \*type: str
default value: *
-
rpc_name¶ This leaf matches if it has the value ‘*’ or if its value equals the requested protocol operation name
type: union of the below types:
type: str
pattern: \*type: str
-
notification_name¶ This leaf matches if it has the value ‘*’ or if its value equals the requested notification name
type: union of the below types:
type: str
pattern: \*type: str
-
path¶ Data Node Instance Identifier associated with the data node controlled by this rule. Configuration data or state data instance identifiers start with a top-level data node. A complete instance identifier is required for this type of path value. The special value ‘/’ refers to all possible datastore contents
type: str
mandatory: True
-
access_operations¶ Access operations associated with this rule. This leaf matches if it has the value ‘*’ or if the bit corresponding to the requested operation is set
type: union of the below types:
default value: *
-
action¶ The access control action associated with the rule. If a rule is determined to match a particular request, then this object is used to determine whether to permit or deny the request
type:
ActionTypemandatory: True
-
comment¶ A textual description of the access rule
type: str
-