Microsoft Information Protection SDK - Policy handler concepts
In the Policy SDK, mip::PolicyHandler exposes operations used to compute policy actions, and submit audit events.
Policy handler functions
mip::PolicyHandler exposes methods for reading, writing, and removing both labels and protection information. For the full list, consult the API reference.
In this article, the following methods will be covered:
ComputeActionsNotifyCommittedActions
Requirements
Creating a PolicyHandler requires:
- A
mip::MipContext - A
mip::PolicyProfile - A
mip::PolicyEngineadded to themip::PolicyProfile - A class that implements
mip::PolicyHandler::Observer
Create a policy handler
The first step required in obtaining policy actions, is to create a PolicyHandler object. This class implements functionality required to get the list of actions a specific label must take. It also implements the function to trigger an audit event.
Creating the PolicyHandler is as easy as calling the PolicyEngine's CreatePolicyHandlerAsync function using the promise/future pattern.
CreatePolicyHandlerAsync accepts a single parameter: isAuditDiscoveryEnabled. Set this value to true if the application should surface heartbeat and discovery events in audit logging.
Note
The mip::PolicyHandler::Observer class must be implemented in a derived class as CreatePolicyHandler requires the Observer object.
auto createPolicyHandlerPromise = std::make_shared<std::promise<std::shared_ptr<mip::PolicyHandler>>>();
auto createPolicyHandlerFuture = createPolicyHandlerPromise->get_future();
PolicyEngine->CreatePolicyHandlerAsync(true);
auto handler = createPolicyHandlerFuture.get();
After successfully creating the PolicyHandler object, actions may be computed and audit events submitted.
Next Steps
Now that you've learned about creation of a Policy handler:
- Learn how to create an execution state class, which is used for determining compute actions.
- Download the Policy SDK Samples from GitHub and try out the Policy SDK