resourceInfo.type element
Reference information about the resourceInfo.type element.
Description
Type of the resource.
Values
String
The following strings are suggested values:
- application
- An application such as Verify Identity Access server, Directory Server, Identity Manager server, or any executable process.
- file
- File system resource. For example, /OSSEAL/policy-branch/File/filespec.
- group
- Used to group users for Role Based Access Control.
- identityPolicy
- Identify policy specifies how user identities are generated when provisioning one or more resources.
- junction
- Describes a WebSEAL junction.
- login
- Policies that are related to login. For example, password expiry, account suspension due to failed login attempts, or account lockouts due to account inactivity.
- management
- Authorization of a management command. The specific management object type is contained in the resourceName.
- messageQueue
- A message queue.
- netIncoming
- Incoming network accesses are controlled by network resources: NetIncoming resource:/OSSEAL/policy-branch/NetIncoming/protocol[/service[/host]]
- netOutgoing
- Outgoing network accesses are controlled by the following network resource. NetOutgoing resource:/OSSEAL/policy-branch/NetOutgoing/[/hostspec[/protocol[/service]]]
- orgContainer
- The organization container defines the organization hierarchy for the managed resources.
- passwordPolicy
- Specifies a set of rules in which all passwords for one or more services must conform. For example, password strength and password aging.
- policyUpdate
- Indicates a policy update. For example, the product might receive a policy update (downloaded from the policy database).
- protectedResource
- A generic value for a protected resource. For example, Verify Identity Access protected object or Verify Identity Access protected object space.
- provisioningAccount
- Represents a user's identity on the target provisioning resource.
- provisioningPolicy
- Used to associate one or multiple groups of users with one or multiple entitlements. The group of users can be identified by organization or organization role. The entitlement is a construct to define a set of permissions, or privileges, on a managed provisioning resource.
- provisioningResource
- A resource for which Identity Provisioning is enabled.
- serviceSelectionPolicy
- Used in situations where the instance of a provisioning resource, on which the provisioning of an account is to take place, is determined dynamically based on account owner's attributes.
- sudo
- Describe commands that require more stringent access control than whether a particular program
can be run. Sudo commands allow access control based not only on a command but also on the
parameters passed to that command.
You can use Sudo commands to remove the requirements for a user to become the root user on a system in order to perform administrative tasks.
Sudo resources are identified in the Verify Identity Access namespace in the following way: /OSSEAL/policy-branch/Sudo/sudo-command[/sudo-orglass]
- surrogate
- Surrogate resources. Operations that can change the user identity or group identity of a process are referred to as surrogate operations and are controlled by resources of type surrogate. Surrogate resource names follow the form: /OSSEAL/policy-branch/Surrogate/User/user-name.
- tcb
- Trusted Computing Base resources.
- workflowTemplate
- Defines the flow of a business workflow process.
- url
- An absolute URL identifying the resource accessed. Use the File resource type for file:// URLs.
- user
- The user entity that application manages in the registry.
XPath
CommonBaseEvent/extendedDataElements[@name='resourceInfo']/children
[@name='type']/values