Skip to main content
Version: Next

defradb_client_acp_document_policy_add

defradb client acp document policy add

Add new policy

Synopsis

Add new policy

Notes:

  • Can not add a policy without specifying an identity.
  • ACP must be available (i.e. ACP can not be disabled).
  • A non-DRI policy will be accepted (will be registered with acp system).
  • But only a valid DRI policyID & resource can be specified on a schema.
  • DRI validation happens when attempting to add a schema with '@policy'.
  • Learn more about the DefraDB ACP System
defradb client acp document policy add [-i --identity] [policy] [flags]

Examples

Add from an argument string:  
  defradb client acp document policy add -i 028d53f37a19afb9a0dbc5b4be30c65731479ee8cfa0c9bc8f8bf198cc3c075f \
	'
	description: A Valid DefraDB Policy Interface

	actor:
	  name: actor

	resources:
	  users:
	    permissions:
	      read:
	        expr: owner + reader
	      update:
	        expr: owner
	      delete:
	        expr: owner

	    relations:
	      owner:
	        types:
	          - actor
	      reader:
	        types:
	          - actor
	'

Add from file:  
  defradb client acp document policy add -f policy.yml \
  	-i 028d53f37a19afb9a0dbc5b4be30c65731479ee8cfa0c9bc8f8bf198cc3c075f

Add from stdin:  
  cat policy.yml | defradb client acp document policy add -

Options

  -f, --file string   File to load a policy from
  -h, --help          help for add

Options inherited from parent commands

  -i, --identity string             Hex formatted private key used to authenticate with ACP
      --keyring-backend string      Keyring backend to use. Options are file or system (default "file")
      --keyring-namespace string    Service name to use when using the system backend (default "defradb")
      --keyring-path string         Path to store encrypted keys when using the file backend (default "keys")
      --log-format string           Log format to use. Options are text or json (default "text")
      --log-level string            Log level to use. Options are debug, info, error, fatal (default "info")
      --log-output string           Log output path. Options are stderr or stdout. (default "stderr")
      --log-overrides string        Logger config overrides. Format <name>,<key>=<val>,...;<name>,...
      --log-source                  Include source location in logs
      --log-stacktrace              Include stacktrace in error and fatal logs
      --no-keyring                  Disable the keyring and generate ephemeral keys
      --no-log-color                Disable colored log output
      --rootdir string              Directory for persistent data (default: $HOME/.defradb)
      --secret-file string          Path to the file containing secrets (default ".env")
      --source-hub-address string   The SourceHub address authorized by the client to make SourceHub transactions on behalf of the actor
      --tx uint                     Transaction ID
      --url string                  URL of HTTP endpoint to listen on or connect to (default "127.0.0.1:9181")

SEE ALSO

defradb_client_acp_document_policy_add
Edit this page