Rule
Keys
Leafs
- class Nacm.RuleList.Rule
Bases:
EntityClass Hierarchy :
NacmRuleListRuleThis class represents configuration data.
One access control rule.
Rules are processed in user-defined order until a match is
found. A rule matches if ‘module-name’, ‘rule-type’, and
‘access-operations’ match the request. If a rule
matches, the ‘action’ leaf determines if access is granted
or not.
- name(key)
Arbitrary name assigned to the rule
type: str
length: 1..18446744073709551615
- module_name
Name of the module associated with this rule. This leaf matches if it has the value ‘*’ or if the object being accessed is defined in the module with the specified module name
type: union of the below types:
type: str
pattern: \*
type: str
default value: *
- rpc_name
This leaf matches if it has the value ‘*’ or if its value equals the requested protocol operation name
type: union of the below types:
type: str
pattern: \*
type: str
- notification_name
This leaf matches if it has the value ‘*’ or if its value equals the requested notification name
type: union of the below types:
type: str
pattern: \*
type: str
- path
Data Node Instance Identifier associated with the data node controlled by this rule. Configuration data or state data instance identifiers start with a top-level data node. A complete instance identifier is required for this type of path value. The special value ‘/’ refers to all possible datastore contents
type: str
mandatory: True
- access_operations
Access operations associated with this rule. This leaf matches if it has the value ‘*’ or if the bit corresponding to the requested operation is set
type: union of the below types:
default value: *
- action
The access control action associated with the rule. If a rule is determined to match a particular request, then this object is used to determine whether to permit or deny the request
type:
ActionTypemandatory: True
- comment
A textual description of the access rule
type: str