2021-12-09 18:19:32 +05:30
# AccessControlRule
2022-01-25 22:19:15 +05:30
Describes an Access Control Rule for OpenMetadata Metadata Operations. All non-null user (subject) and entity (object) attributes are evaluated with logical AND.
2021-12-09 18:19:32 +05:30
**$id:** [**https://open-metadata.org/schema/entity/data/policies/accessControl/rule.json** ](https://open-metadata.org/schema/entity/policies/accessControl/rule.json )
Type: `object`
This schema < u > does not< / u > accept additional properties.
## Properties
2022-01-25 22:19:15 +05:30
- **name** `required`
- Name for this Rule.
- Type: `string`
- **entityTypeAttr**
- Entity type that the rule should match on.
- Type: `string`
- **entityTagAttr**
- Entity tag that the rule should match on.
- $ref: [../../type/tagLabel.json#/definitions/tagFQN ](../types/taglabel.md#tagfqn )
- **userRoleAttr**
- Role of the user that the rule should match on.
2022-03-08 09:23:53 +05:30
- $ref: [../teams/role.json#/definitions/roleName ](role.md#rolename )
2022-01-25 22:19:15 +05:30
- **operation**
- Operation on the entity.
- $ref: [#/definitions/operation ](#operation )
- **allow**
- Allow or Deny operation on the entity.
- Type: `boolean`
- Default: _false_
- **priority**
- Priority of this rule among all rules across all policies.
- Type: `integer`
- Default: `250000`
- **enabled**
- Is the rule enabled.
- Type: `boolean`
- Default: _true_
## Type definitions in this schema
### operation
- This schema defines all possible operations on metadata of data entities.
- Type: `string`
- The value is restricted to the following:
1. _"SuggestDescription"_
2. _"SuggestTags"_
3. _"UpdateDescription"_
4. _"UpdateOwner"_
5. _"UpdateTags"_
6. _"UpdateLineage"_
2022-03-08 09:23:53 +05:30
7. _"DecryptTokens"_
8. _"UpdateTeam"_
2022-01-25 22:19:15 +05:30
2022-03-10 12:55:35 +05:30
_This document was updated on: Wednesday, March 9, 2022_
