Managing Policy
Creating a Namespace
- Go
- Java
- Javascript
package main
import (
"context"
"log"
"github.com/opentdf/platform/protocol/go/policy/namespaces"
"github.com/opentdf/platform/sdk"
)
func main() {
platformEndpoint := "https://opentdf.io"
// Create a new client
client, err := sdk.New(
platformEndpoint,
sdk.WithClientCredentials("opentdf", "secret", nil),
)
if err != nil {
log.Fatal(err)
}
// Create Namesapce
namespace := &namespaces.CreateNamespaceRequest{
Name: "opentdf.io",
}
_, err = client.Namespaces.CreateNamespace(context.Background(), namespace)
if err != nil {
log.Fatal(err)
}
}
List Namespaces
- Go
- Java
- Javascript
package main
import (
"context"
"log"
"github.com/opentdf/platform/protocol/go/policy/namespaces"
"github.com/opentdf/platform/sdk"
)
func main() {
platformEndpoint := "http://localhost:9002"
// Create a new client
client, err := sdk.New(
platformEndpoint,
sdk.WithClientCredentials("opentdf", "secret", nil),
)
if err != nil {
log.Fatal(err)
}
// List All Namespaces
namespaces, err := client.Namespaces.ListNamespaces(context.Background(), &namespaces.ListNamespacesRequest{})
if err != nil {
log.Fatal(err)
}
for _, namespace := range namespaces.GetNamespaces() {
log.Printf("Namespace: %s\n", namespace.GetName())
}
}
Create Attribute
- Go
- Java
- Javascript
package main
import (
"context"
"log"
"github.com/opentdf/platform/protocol/go/policy"
"github.com/opentdf/platform/protocol/go/policy/attributes"
"github.com/opentdf/platform/sdk"
)
func main() {
platformEndpoint := "http://localhost:9002"
// Create a new client
client, err := sdk.New(
platformEndpoint,
sdk.WithClientCredentials("opentdf", "secret", nil),
)
if err != nil {
log.Fatal(err)
}
// Create a new attribute
namespaceID := "f9ac9403-a12f-4ed3-b3c9-a46910361b4d"
attrRequest := &attributes.CreateAttributeRequest{
NamespaceId: namespaceID,
Name: "role",
Rule: policy.AttributeRuleTypeEnum_ATTRIBUTE_RULE_TYPE_ENUM_ANY_OF,
Values: []string{"admin", "developer", "guest"},
}
_, err = client.Attributes.CreateAttribute(context.Background(), attrRequest)
if err != nil {
log.Fatal(err)
}
}
List Attributes
- Go
- Java
- Javascript
package main
import (
"context"
"log"
"github.com/opentdf/platform/protocol/go/policy/attributes"
"github.com/opentdf/platform/sdk"
)
func main() {
platformEndpoint := "http://localhost:9002"
// Create a new client
client, err := sdk.New(
platformEndpoint,
sdk.WithClientCredentials("opentdf", "secret", nil),
)
if err != nil {
log.Fatal(err)
}
// List attributes
attrs, err := client.Attributes.ListAttributes(context.Background(), &attributes.ListAttributesRequest{})
if err != nil {
log.Fatal(err)
}
for _, attr := range attrs.GetAttributes() {
log.Printf("Attribute: %s, ID: %s, ", attr.GetName(), attr.GetId())
for _, value := range attr.Values {
log.Printf("Value: %s, ID: %s", value.GetValue(), value.GetId())
}
}
}
Create Subject Condition Set
- Go
- Java
- Javascript
package main
import (
"context"
"log"
"github.com/opentdf/platform/protocol/go/policy"
"github.com/opentdf/platform/protocol/go/policy/subjectmapping"
"github.com/opentdf/platform/sdk"
)
func main() {
platformEndpoint := "http://localhost:9002"
// Create a new client
client, err := sdk.New(
platformEndpoint,
sdk.WithClientCredentials("opentdf", "secret", nil),
)
if err != nil {
log.Fatal(err)
}
// Create Subject Condition Set
coditionset := &subjectmapping.CreateSubjectConditionSetRequest{
SubjectConditionSet: &subjectmapping.SubjectConditionSetCreate{
SubjectSets: []*policy.SubjectSet{
{
ConditionGroups: []*policy.ConditionGroup{
{
BooleanOperator: policy.ConditionBooleanTypeEnum_CONDITION_BOOLEAN_TYPE_ENUM_AND,
Conditions: []*policy.Condition{
{
SubjectExternalSelectorValue: ".clientId",
Operator: policy.SubjectMappingOperatorEnum_SUBJECT_MAPPING_OPERATOR_ENUM_IN,
SubjectExternalValues: []string{"opentdf"},
},
},
},
},
},
},
},
}
_, err = client.SubjectMapping.CreateSubjectConditionSet(context.Background(), coditionset)
if err != nil {
log.Fatal(err)
}
}
Create Subject Mapping
- Go
- Java
- Javascript
package main
import (
"context"
"log"
"github.com/opentdf/platform/protocol/go/policy"
"github.com/opentdf/platform/protocol/go/policy/subjectmapping"
"github.com/opentdf/platform/sdk"
)
func main() {
platformEndpoint := "http://localhost:9002"
// Create a new client
client, err := sdk.New(
platformEndpoint,
sdk.WithClientCredentials("opentdf", "secret", nil),
)
if err != nil {
log.Fatal(err)
}
// Create Subject Mapping
subjectMapping := &subjectmapping.CreateSubjectMappingRequest{
AttributeValueId: "224c9d29-2cd4-4a38-b6ad-5f025ca93a8c",
Actions: []*policy.Action{
{
Value: &policy.Action_Standard{
Standard: policy.Action_STANDARD_ACTION_DECRYPT,
},
},
},
ExistingSubjectConditionSetId: "890b26db-4ee4-447f-ae8a-2862d922eeef",
}
_, err = client.SubjectMapping.CreateSubjectMapping(context.Background(), subjectMapping)
if err != nil {
log.Fatal(err)
}
}
List Subject Mappings
- Go
- Java
- Javascript
package main
import (
"context"
"log"
"github.com/opentdf/platform/protocol/go/policy/subjectmapping"
"github.com/opentdf/platform/sdk"
)
func main() {
platformEndpoint := "http://localhost:9002"
// Create a new client
client, err := sdk.New(
platformEndpoint,
sdk.WithClientCredentials("opentdf", "secret", nil),
)
if err != nil {
log.Fatal(err)
}
// List Subject Mapping
subjectmappings, err := client.SubjectMapping.ListSubjectMappings(context.Background(), &subjectmapping.ListSubjectMappingsRequest{})
if err != nil {
log.Fatal(err)
}
for _, sm := range subjectmappings.GetSubjectMappings() {
log.Printf("Subject Mapping: %s", sm.GetId())
}
}