Action Overview and explanation¶
Actions are the functional permissions between an acting [subject] and an acted on [object]. They allow you to fine-tune access patterns to your requirements.
List of all available actions¶
Resource Type | Action | Description |
---|---|---|
mdsp:core:idl:prefix:read | Read a prefix (an object in an Integrated Data Lake), to download data from Data Lake | |
Prefix | mdsp:core:idl:prefix:create | Create a prefix, to upload data into Data Lake |
mdsp:core:idl:prefix:delete | Delete a prefix, to delete data (single object or in bulk) from Data Lake | |
Asset | mdsp:core:assetmanagement:asset:read | Allows a user to read given asset |
Asset | mdsp:core:assetmanagement:asset:write | Allows a user to make modifications on given asset (on which policy is being created). This means - user can update/delete given asset - user can create a new asset with given asset as its parent - user can update its location - user can move given asset under other asset on which user has write access |
Asset | mdsp:core:eventmanagement:event:allow | Allows a user to read, create, bulk create and update access to events of corresponding asset |
Asset | mdsp:core:iotservices:timeseries:write_normal | Allows a user to push timeseries data for single Asset/Aspect |
Asset | mdsp:core:iotservices:timeseries:write_multiassetmultiaspect | Allows a user to push timeseries data for multiple Asset/Aspects |
Asset | mdsp:core:iotservices:timeseries:write_bulk | Allows a user to import high frequency timeseries data |
Asset | mdsp:core:iotservices:timeseries:write_merge | Allows a user to push timeseries data as patch/merge operation for single Asset/Aspect |
Asset | mdsp:core:iotservices:timeseries:read | Allows a user to read ingested or aggregated timeseries data, also used to import timeseries data into Data Lake |
Asset | mdsp:core:iotservices:timeseries:delete | Allows a user to delete timeseries data |
Asset | mdsp:core:iotservices:timeseries:subscribe | Allows a user to read, create, delete timeseries subscription data |
Asset | mdsp:core:iotservices:files:write | Allows a user to perform File write operation (single or multi-part write) |
Asset | mdsp:core:iotservices:files:read | Allows a user to perform File read operation (single or multi-part read) |
Asset | mdsp:core:iotservices:files:delete | Allows a user to perform File delete operation |
Dependencies among Actions¶
Some actions have others as a prerequisite. To avoid inconsistencies, they are enforced during creation of policies.
Info
The Policy Editor will show you these dependencies during configuration.
Action | Depends On |
---|---|
mdsp:core:assetmanagement:asset:write | mdsp:core:assetmanagement:asset:read |
mdsp:core:eventmanagement:event:allow | mdsp:core:assetmanagement:asset:read |
mdsp:core:iotservices:timeseries:write_normal | mdsp:core:assetmanagement:asset:read |
mdsp:core:iotservices:timeseries:write_multiassetmultiaspect | mdsp:core:assetmanagement:asset:read |
mdsp:core:iotservices:timeseries:write_bulk | mdsp:core:assetmanagement:asset:read mdsp:core:iotservices:files:write mdsp:core:iotservices:files:read |
mdsp:core:iotservices:timeseries:write_merge | mdsp:core:assetmanagement:asset:read |
mdsp:core:iotservices:timeseries:read | mdsp:core:assetmanagement:asset:read |
mdsp:core:iotservices:timeseries:delete | mdsp:core:assetmanagement:asset:read |
mdsp:core:iotservices:timeseries:subscribe | mdsp:core:assetmanagement:asset:read mdsp:core:iotservices:timeseries:read |
mdsp:core:iotservices:files:write | mdsp:core:assetmanagement:asset:read |
mdsp:core:iotservices:files:read | mdsp:core:assetmanagement:asset:read |
mdsp:core:iotservices:files:delete | mdsp:core:assetmanagement:asset:read |