Policy Engine Overview
A Policy entity holds two types of entities.
Policy Rules
: a set of rules that will be checked when a Policy is being evaluated.Policy Controls
: a set of actions that will be executed if the Policy is activated (if one of the Policy Rules is activated).
Syntax:
When a Policy gets "checked against" -> we say it's being evaluated
When a Policy Rule being checked against “is transgressed” -> we say the Policy is activated
A Policy is executed in reaction to a specific activity happening, such as a specific API request.
The PolicyActivityKind
attached to the Policy on creation, defines which activity is going to trigger its evaluation. Eg. a policy of activityKind
"WalletsTransferAsset"
will be evaluated when an TransferAsset
API request is received.
Policy Rules
For a list of all supported Policy Rules, see CreatePolicyRule.
Policy Controls
When a Policy is activated (or breached), each one of the PolicyControl
is executed. For each one, it creates a PolicyControlExecution
entity, representing the execution of this policy control at this specific moment.
Some kind of PolicyControlKinds, like RequestApproval
, require a follow-up actions to be taken (approve or reject, using Approve/Reject PolicyControlExecution)
Last updated