Settings API - Management zones settings schema table
Management zones settings (builtin:management-zones
)
Management zones enable defining fine grained access rights to parts of an environment. A Management zone consists of a set of entities like applications, hosts, process groups, or services.
For each Management zone you can define which user groups have access to them. This way you can ensure the confidentiality of certain parts of an environment and still keep an end to end view across all components for the users that need it.
For value suggestions based on entity data and preview functionality, environment-wide "Access environment" permission is required.
Schema ID | Schema groups | Scope |
---|---|---|
builtin:management-zones |
| environment |
Parameters
Property | Label | Type | Description | Required |
---|---|---|---|---|
name | Management zone name | text | Be careful when renaming - if there are policies that are referencing this Management zone, they will need to be adapted to the new name! | required |
description | Description | text | - | optional |
rules | Rules | set | - | required |
Request body objects
The AttributeCondition
object
Property | Label | Type | Description | Required |
---|---|---|---|---|
key | Property | enum | - | required |
dynamicKeySource | Key source | text | - | required |
dynamicKey | Dynamic key | text | - | required |
operator | Operator | enum | - | required |
enumValue | Value | text | - | required |
stringValue | Value | text | - | required |
caseSensitive | Case sensitive | boolean | - | required |
integerValue | Value | integer | - | required |
entityId | Value | text | - | required |
tag | Tag | text | Format: | required |
The ManagementZoneAttributeRule
object
Property | Label | Type | Description | Required |
---|---|---|---|---|
entityType | Rule applies to | enum | - | required |
conditions | Conditions | set | - | required |
serviceToHostPropagation | Apply to underlying hosts of matching services | boolean | - | required |
serviceToPGPropagation | Apply to underlying process groups of matching services | boolean | - | required |
pgToHostPropagation | Apply to underlying hosts of matching process groups | boolean | - | required |
pgToServicePropagation | Apply to all services provided by the process groups | boolean | - | required |
hostToPGPropagation | Apply to processes running on matching hosts | boolean | - | required |
customDeviceGroupToCustomDevicePropagation | Apply to custom devices in a custom device group | boolean | - | required |
azureToServicePropagation | Apply to services provided by matching Azure entities | boolean | - | required |
azureToPGPropagation | Apply to process groups connected to matching Azure entities | boolean | - | required |
The DimensionCondition
object
Property | Label | Type | Description | Required |
---|---|---|---|---|
conditionType | Type | enum | - | required |
key | Key | text | - | required |
ruleMatcher | Operator | enum | - | required |
value | Value | text | - | required |
The DimensionRule
object
Property | Label | Type | Description | Required |
---|---|---|---|---|
appliesTo | Type | enum | - | required |
conditions | Conditions | set | - | required |
The Rule
object
Property | Label | Type | Description | Required |
---|---|---|---|---|
enabled | Enabled | boolean | - | required |
type | Rule type | enum | - | required |
attributeRule | - | ManagementZoneAttributeRule | - | required |
dimensionRule | - | DimensionRule | - | required |
entitySelector | Entity selector | text | The documentation of the entity selector can be found here. | required |