aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSaryu Shah <ss3917@att.com>2017-11-03 21:02:26 +0000
committerSaryu Shah <ss3917@att.com>2017-11-05 01:11:14 +0000
commitd14620db60082e070ffa0d807d938836a47b26c1 (patch)
tree6a5dde7c145735d97ab0e7465402161fc7de025d
parent73009deb18478d0ee2e65cb8552ae4af70cc27f9 (diff)
Updated guard policy documentation
Updated guard policy documentation ------------------------------------------------------------- Change-Id: I81e7d2303f49f477a65a73daef10a3c6620d52da Issue-Id: POLICY-335 Signed-off-by: Saryu Shah <ss3917@att.com>
-rwxr-xr-xdocs/platform/PolicyGUI_GuardPolicy.pngbin330836 -> 331839 bytes
-rw-r--r--docs/platform/guardpolicy.rst15
2 files changed, 7 insertions, 8 deletions
diff --git a/docs/platform/PolicyGUI_GuardPolicy.png b/docs/platform/PolicyGUI_GuardPolicy.png
index 1d4295369..13b3e0fe9 100755
--- a/docs/platform/PolicyGUI_GuardPolicy.png
+++ b/docs/platform/PolicyGUI_GuardPolicy.png
Binary files differ
diff --git a/docs/platform/guardpolicy.rst b/docs/platform/guardpolicy.rst
index 1fcbed213..679723cbc 100644
--- a/docs/platform/guardpolicy.rst
+++ b/docs/platform/guardpolicy.rst
@@ -13,7 +13,9 @@ Background
Guard policies are used to limit what operations shall be permitted. These policies are specified in the Policy GUI or restful API and either return "PERMIT" or "DENY" on request.
-There are 2 types of policies, guard policies and blacklist guard policies. The blacklist describes what is not allowed to be permitted and guard policies describe what is allowed to be permitted. Note: as of 1802 release, Policy PDP behaves as a PERMIT overrides fashion so if any policy permits, it will override any denies.
+There are 2 types of policies, guard policies and blacklist guard policies. The blacklist describes what is not allowed to be permitted and guard policies describe what is allowed to be permitted. The Policy PDP behaves in a PERMIT overrides fashion, that is, if any policy permits, it will override any denies.
+
+.. note:: *Limit Functionality*: The determination to deny a request because it has exceeded the limit is based on the number of entries in the **database**.
Creating Guard Policies
^^^^^^^^^^^^^^^^^^^^^^^
@@ -27,16 +29,13 @@ The GUARD policy can be created from the POLICY GUI as shown below.
.. image:: PolicyGUI_GuardPolicy.png
-.. note:: The Onap Name must be empty for the policy to work. To accomplish this, instead of creating a new policy, **clone** the provided policy first and then **edit** it.
-
-.. warning:: The request does not get denied, even though the number of requests exceeds the limit.
-
API Method
----------
-Use PUT /createPolicy to create a policy.
-The request should be in the following form for regular guard policy:
+To create the policy, use the PUT /createPolicy API. This request uses Basic Access Authentication.
+
+The request should be in the following form for the regular guard policy:
.. code-block:: json
:caption: Regular Guard Policy Creation
@@ -119,7 +118,7 @@ The guard_request.json should be in the form of the following:
"onapName": "PDPD"
}
-A response containing a "PERMIT" or "DENY" in uppercase is returned as follows:
+A response containing a “PERMIT” or “DENY” in uppercase is returned as follows:
.. code-block:: json
:caption: Response