AuthorizationPolicy Type Definition

[This topic is pre-release documentation and is subject to change.]

Customer Insights supports authorization (authZ) through the use of Shared Access Signatures (SAS). SAS is a security technology that allows granting limited access rights to a secured resource. These rights are represented by a URI that encompasses in its query parameters all of the information necessary for authenticated access to an Azure-based resource. Customer Insights applications use SAS to gain limited access to Azure resources, such as blob storage. SAS provides for limits to resource access in the following ways:

  • Granualr access to the allowed operations: query, read, create, update, delete, etc.
  • The time period that the access is granted
  • The range of IP addresses that the requests can originate from
  • The internet protocol(s) used in the request

For more information about how SAS is used in Azure, see Using Shared Access Signatures.

Properties

Property names appended with asterisks* are required.

Property JSON type Description
policyName string Name of the Policy
permissions* string[] One or more permissions associated with the policy: [“Read” | ”Write” | ”Manage”]
primaryKey string (base64) Primary key associated with the policy
secondaryKey string (base64) Secondary key associated with the policy

JSON Example

{ 
    "PolicyName":"TestPolicy2", 
    "Permissions":["Read", "Write"], 
    "PrimaryKey":"cHJpbWFyeVRlc3RSZWFk", 
    "SecondaryKey":"c2Vjb25kYXJ5VGVzdFJlYWQ=", 
}