Re: [PR] Catalog Spec: Policy Management Apis [polaris]

Fri, 07 Feb 2025 12:01:29 -0800 


HonahX commented on code in PR #808:
URL: https://github.com/apache/polaris/pull/808#discussion_r1947117147


##########
spec/generated/bundled-polaris-catalog-service.yaml:
##########
@@ -1359,6 +1359,257 @@ paths:
           $ref: '#/components/responses/ServiceUnavailableResponse'
         5XX:
           $ref: '#/components/responses/ServerErrorResponse'
+  /v1/{prefix}/namespaces/{namespace}/policies:
+    parameters:
+      - $ref: '#/components/parameters/prefix'
+      - $ref: '#/components/parameters/namespace'
+    post:
+      tags:
+        - Catalog API
+      summary: Create a policy in the given namespace
+      operationId: createPolicy
+      description: |
+        Creates a policy within the specified namespace.
+
+        A policy defines a set of rules governing actions on specified 
resources under predefined conditions.
+        In Apache Polaris, policies are created, stored, and later referenced 
by external engines to enforce access controls on associated resources.
+
+        User provides the following inputs when creating a policy
+        - `name`(REQUIRED): The name of the policy.
+        - `type` (REQUIRED): The type of the policy. It can be either 
predefined type or custom type.
+          - **Predefined Policies:** system.compaction, 
system.snapshot_retention
+          - **Custom Policies:** custom.<org_name>.data_masking, 
custom.<user_id>.audit_policy
+
+        - `description` (OPTIONAL): Provides details about the policy's 
purpose and functionality
+        - `content` (OPTIONAL): Defines the rules that control actions and 
access conditions on resources. The format can be JSON, SQL, or any other 
format.
+
+        The policy content is validated by the server upon creation or update: 
+        - Predefined policies are validated using built-in server-side 
validators
+        - Custom policies rely on user-provided validators.

Review Comment:
   Good point! I removed the details below and leaves a general statement that 
policy content will be validated against policy's validator, just showing that 
server need to ensure the policy content is valid



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to