policy info

Display security policy information using the CLI.

Syntax

CLI

Use the maprcli security policy info command to display the details of the specified security policy.

/opt/mapr/bin/maprcli security policy info
  -name policy name 
  [ -cluster cluster name ]
  [ -output terse|verbose. Default: verbose ]
  [ -columns <comma-separated list of column names>. Default: all ]
  [ -expandaces true|false. Default: false ]         
REST
Request Type GET
Request URL
http[s]://<host>:<port>/rest/security/policy/info?<parameters>

Parameters

Parameter

Description

name The name of the security policy. This parameter is mandatory.
cluster The cluster name on which to run the command. This parameter is optional. The local cluster is the default cluster.
output

Specifies whether the output should be terse or verbose.

Default: verbose

columns

A comma-separated list of fields to return in the query. See policy create for the list of column names.

When issuing maprcli security policy info -columns and maprcli security policy list -columns commands, the column for the policy name is name.

expandaces

Expand Access Control Expression (ACE) into their respective fields for display.

Default: false

Examples

Display security policy information with the ACE information expanded.
/opt/mapr/bin/maprcli security policy info -name TOPSECRET -expandaces TRUE -json
{
	"timestamp":1555063260868,
	"timeofday":"2019-04-12 03:01:00.868 GMT-0700 AM",
	"status":"OK",
	"total":1,
	"data":[
		{
			"policyname":"TOPSECRET",
			"policyid":2,
			"mtime":"Tue Apr 09 06:07:54 PDT 2019",
			"ctime":"Tue Apr 09 04:19:00 PDT 2019",
			"wiresecurity":"1",
			"audited":"0",
			"allowtagging":"1",
			"accesscontrol":"Disarmed",
			"enableddataauditoperations":"getattr,setattr,chown,chperm,chgrp,getxattr,listxattr,setxattr,removexattr,read,write,create,delete,mkdir,readdir,rmdir,createsym,lookup,rename,createdev,truncate,tablecfcreate,tablecfdelete,tablecfmodify,tablecfScan,tableget,tableput,tablescan,tablecreate,tableinfo,tablemodify,getperm,getpathforfid,hardlink,filescan,fileoffload,filerecall,filetierjobstatus,filetierjobabort,filetieroffloadevent,filetierrecallevent",
			"disableddataauditoperations":"",
			"acl":{
				"Principal":"User root",
				"Allowed actions":"[r, a, fc]"
			},
			"aces":{
				"writefileace":"u:user7 | u:user10",
				"addchildace":"u:user7 | u:user10",
				"deletechildace":"u:user7 | u:user10",
				"writedbace":"u:user7 | u:user10",
				"produceace":"u:user7 | u:user10",
				"topicace":"u:user7 | u:user10"
                         
			}
		}
	]
}
            
curl -u mapr:mapr -X GET  -k "https://host:8443/rest/security/policy/info?name=TOPSECRET&expandaces=TRUE"
{"timestamp":1555065073812,"timeofday":"2019-04-12 03:31:13.812 GMT-0700 AM","status":"OK","total":1,"data":[{"policyname":"TOPSECRET","policyid":2,"mtime":"Tue Apr 09 06:07:54 PDT 2019","ctime":"Tue Apr 09 04:19:00 PDT 2019","wiresecurity":"1","audited":"0","allowtagging":"1","accesscontrol":"Disarmed","enableddataauditoperations":"getattr,setattr,chown,chperm,chgrp,getxattr,listxattr,setxattr,removexattr,read,write,create,delete,mkdir,readdir,rmdir,createsym,lookup,rename,createdev,truncate,tablecfcreate,tablecfdelete,tablecfmodify,tablecfScan,tableget,tableput,tablescan,tablecreate,tableinfo,tablemodify,getperm,getpathforfid,hardlink,filescan,fileoffload,filerecall,filetierjobstatus,filetierjobabort,filetieroffloadevent,filetierrecallevent","disableddataauditoperations":"","acl":{"Principal":"User root","Allowed actions":"[r, a, fc]"},"aces":{"writefileace":"u:user7 | u:user10","addchildace":"u:user7 | u:user10","deletechildace":"u:user7 | u:user10","writedbace":"u:user7 | u:user10","produceace":"u:user7 | u:user10","topicace":"u:user7 | u:user10"}}]}