This tutorial describes how to use the PingAuthorize Policy Editor to import default attribute-based access control policies. It also introduces the Trust Framework and describes the default policies.
Before you can begin writing policies, you must import the default policies from a
snapshot file. This file contains a minimal set of policies and the default Trust
Framework. The Trust Framework defines the
foundational elements that you use to build policies, such as
The default policies and Trust Framework are stored in a snapshot file named defaultPolicies.SNAPSHOT, which is bundled with both PingAuthorize Server and the Policy Editor. You must base all policies that you create for use with PingAuthorize on the policies and Trust Framework entities defined in this file.
To use the default policies that are distributed with PingAuthorize Server:
Copy defaultPolicies.SNAPSHOT from the PingAuthorize
Policy Editor container to the current directory on your computer
using the following command.
Be sure to include the trailing
docker cp pingauthorizepap:/opt/out/instance/resource/policies/defaultPolicies.SNAPSHOT .
- Sign on to the Policy Editor using the URL and credentials from Accessing the GUIs.
- In the Import a Branch from a Snapshot section, click Snapshot and select the file that you just copied to your computer.
In the Name field, enter PingAuthorize
The Policy Editor displays the Version Control page. From this page, you can manage policy changes similar to how you would in a software source control system.
To select the policy branch that you just created, click PingAuthorize
A Commits table opens. This table provides a log of all changes made to a policy branch.
arrow at the left of the top line for Uncommitted
This opens a list of all changes to the policy branch that are yet to be committed. In this case, the list includes all of the contents of the snapshot that you just imported.
- Click Commit New Changes.
In the Commit Message field, enter Initial
commit. Click Commit.
As you develop your own policies, you can use the Policy Editor's version control feature to manage your changes. Follow best practices by committing your changes every time you achieve a satisfactory working state.