-
Notifications
You must be signed in to change notification settings - Fork 1
/
ecommerceHierarchyAndAbacScenario.json
31 lines (30 loc) · 1.36 KB
/
ecommerceHierarchyAndAbacScenario.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
{
"validationMode": "STRICT",
"policyStoreDescription": "Policy store for the Hierarchy and ABAC Scenario, created via avp-cli tool",
"name": "Ecommerce with Hierarchy and ABAC Scenario",
"description": "This scenario demonstrates the use of Hierarchy and ABAC (with Entities) in Amazon Verified Permissions. It allows sellers to sell car if department matches the car's department.",
"schemaPath": "./scenarios/ecommerceHierarchyAndAbacScenario/schema.json",
"policies": [
{
"path": "./scenarios/ecommerceHierarchyAndAbacScenario/allow_policy.cedar",
"description": "Allows sellers to sell car if department matches the car's department"
}
],
"tests": [
{
"path": "./scenarios/ecommerceHierarchyAndAbacScenario/allow_test_1.json",
"description": "User 1 is allowed the ability to sell (action) porsche car (resource).",
"type": "allow"
},
{
"path": "./scenarios/ecommerceHierarchyAndAbacScenario/deny_test_1.json",
"description": "User 1 is denied the ability to sell (action) porsche car (resource), due to not matching departments.",
"type": "forbid"
},
{
"path": "./scenarios/ecommerceHierarchyAndAbacScenario/deny_test_2.json",
"description": "User 1 is denied the ability to sell (action) porsche car (resource), due to not matching department name.",
"type": "forbid"
}
]
}