An access control policy is a set of conditions that define whether a user is permitted or denied access to a protected resource.
The policy file you import must have a .json extension. All custom attributes, obligations, and authentication policies referenced by the policy must exist for import to succeed.