Project Matches

This section describes features that are coming in 3.3.

The project-matches condition allows you to constrain a policy statement so that it applies to entities that are contained with a project. The project can be matched using either its ID (_doc) or its title.

This condition supports regular expressions, allowing you to focus in on a single value or wildcard expressions for matches.

Configuration

To match a project by ID:

{
    "type": "project-matches",
    "config": {
        "id": "{value regex}"
    }
}

To match a project by Title:

{
    "type": "project-matches",
    "config": {
        "title": "{value regex}"
    }
}

Samples

This policy document grants the Consumer role to a specific piece of content if it resides within the project with ID 46ba5e0d79b83aac97ec.

{
    "title": "My Sample Policy",
    "statements": [{
        "action": "grant",
        "roles": ["consumer"],
        "conditions": [{
            "type": "project-matches",
            "config": {
                "id": "46ba5e0d79b83aac97ec"
            }
        }]
    }]
}