diff --git a/docs/man/policy/_index.md b/docs/man/policy/_index.md index ba6b0377..1b849365 100644 --- a/docs/man/policy/_index.md +++ b/docs/man/policy/_index.md @@ -12,8 +12,6 @@ command: default: 'false' --- -# Manage platform policy - Policy is a set of rules that are enforced by the platform. Specific to the the data-centric security, policy revolves around data attributes (referred to as attributes). Within the context of attributes are namespaces, values, subject-mappings, resource-mappings, key-access-server grants, diff --git a/docs/man/policy/attributes/_index.md b/docs/man/policy/attributes/_index.md index 838ebc13..600ee798 100644 --- a/docs/man/policy/attributes/_index.md +++ b/docs/man/policy/attributes/_index.md @@ -7,8 +7,6 @@ command: - attribute --- -# Manage attributes - Commands to manage attributes within the platform. Attributes are used to to define the properties of a piece of data. These attributes will then be diff --git a/docs/man/policy/attributes/create.md b/docs/man/policy/attributes/create.md index 32f3a1ca..5ebdd2cc 100644 --- a/docs/man/policy/attributes/create.md +++ b/docs/man/policy/attributes/create.md @@ -1,5 +1,5 @@ --- -title: Create an attribute +title: Create an attribute definition command: name: create aliases: @@ -33,8 +33,6 @@ command: default: '' --- -# Create an attribute definition - Under a namespace, create an attribute with a rule. ### Rules diff --git a/docs/man/policy/attributes/deactivate.md b/docs/man/policy/attributes/deactivate.md index cc2a5bf9..710e0b33 100644 --- a/docs/man/policy/attributes/deactivate.md +++ b/docs/man/policy/attributes/deactivate.md @@ -1,5 +1,5 @@ --- -title: Deactivate an attribute +title: Deactivate an attribute definition command: name: deactivate flags: @@ -11,8 +11,6 @@ command: description: Force deactivation without interactive confirmation (dangerous) --- -# Deactivate an attribute definition - Deactivation preserves uniqueness of the attribute and values underneath within policy and all existing relations, essentially reserving them. diff --git a/docs/man/policy/attributes/get.md b/docs/man/policy/attributes/get.md index b9e92045..0c873c29 100644 --- a/docs/man/policy/attributes/get.md +++ b/docs/man/policy/attributes/get.md @@ -1,5 +1,5 @@ --- -title: Get an attribute +title: Get an attribute definition command: name: get aliases: @@ -10,8 +10,6 @@ command: description: ID of the attribute --- -# Get an attribute - Retrieve an attribute along with its metadata, rule, and values. For more general information about attributes, see the `attributes` subcommand. diff --git a/docs/man/policy/attributes/list.md b/docs/man/policy/attributes/list.md index 4843849e..e7a19908 100644 --- a/docs/man/policy/attributes/list.md +++ b/docs/man/policy/attributes/list.md @@ -1,5 +1,5 @@ --- -title: List attributes +title: List attribute definitions command: name: list aliases: @@ -15,8 +15,6 @@ command: default: active --- -# List the known attributes - By default, the list will only provide `active` attributes if unspecified, but the filter can be controlled with the `--state` flag. For more general information about attributes, see the `attributes` subcommand. diff --git a/docs/man/policy/attributes/namespaces/_index.md b/docs/man/policy/attributes/namespaces/_index.md index af378294..26d17751 100644 --- a/docs/man/policy/attributes/namespaces/_index.md +++ b/docs/man/policy/attributes/namespaces/_index.md @@ -7,8 +7,6 @@ command: - namespace --- -# Manage attribute namespaces - A namespace is the root (parent) of a set of platform policy. Like an owner or an authority, it fully qualifies attributes and their values, resource mapping groups, etc. As the various mappings of a platform are to attributes or values, a namespace effectively "owns" the mappings as well (transitively if not directly). diff --git a/docs/man/policy/attributes/namespaces/create.md b/docs/man/policy/attributes/namespaces/create.md index 3e10845e..b3a4bbda 100644 --- a/docs/man/policy/attributes/namespaces/create.md +++ b/docs/man/policy/attributes/namespaces/create.md @@ -17,8 +17,6 @@ command: default: '' --- -# Create an attribute namespace - Creation of a `namespace` is required to add attributes or any other policy objects beneath. For more information, see the `namespaces` subcommand. diff --git a/docs/man/policy/attributes/namespaces/deactivate.md b/docs/man/policy/attributes/namespaces/deactivate.md index b173b034..9227bbf4 100644 --- a/docs/man/policy/attributes/namespaces/deactivate.md +++ b/docs/man/policy/attributes/namespaces/deactivate.md @@ -11,8 +11,6 @@ command: description: Force deactivation without interactive confirmation (dangerous) --- -# Deactivate an attribute namespace - Deactivating an Attribute Namespace will make the namespace name inactive as well as any attribute definitions and values beneath. Deactivation of a Namespace renders any existing TDFs of those attributes inaccessible. diff --git a/docs/man/policy/attributes/namespaces/get.md b/docs/man/policy/attributes/namespaces/get.md index 39a577b0..b6d8d11f 100644 --- a/docs/man/policy/attributes/namespaces/get.md +++ b/docs/man/policy/attributes/namespaces/get.md @@ -10,5 +10,4 @@ command: description: ID of the attribute namespace --- -# Get an attribute namespace - +For more information, see the `namespaces` subcommand. diff --git a/docs/man/policy/attributes/namespaces/list.md b/docs/man/policy/attributes/namespaces/list.md index a40250cf..3f58d76e 100644 --- a/docs/man/policy/attributes/namespaces/list.md +++ b/docs/man/policy/attributes/namespaces/list.md @@ -11,6 +11,4 @@ command: description: Filter by state [active, inactive, any] --- -# List attribute namespaces - For more general information, see the `namespaces` subcommand. diff --git a/docs/man/policy/attributes/namespaces/unsafe/_index.md b/docs/man/policy/attributes/namespaces/unsafe/_index.md index f6b887ea..b86cc144 100644 --- a/docs/man/policy/attributes/namespaces/unsafe/_index.md +++ b/docs/man/policy/attributes/namespaces/unsafe/_index.md @@ -8,8 +8,6 @@ command: required: false --- -# Unsafe Changes to Attribute Namespaces - Unsafe changes are dangerous mutations to Policy that can significantly change access behavior around existing attributes and entitlement. diff --git a/docs/man/policy/attributes/namespaces/update.md b/docs/man/policy/attributes/namespaces/update.md index 2bfdbf01..3550d6c3 100644 --- a/docs/man/policy/attributes/namespaces/update.md +++ b/docs/man/policy/attributes/namespaces/update.md @@ -18,8 +18,6 @@ command: default: false --- -# Update an Attribute Namespace - Attribute Namespace changes can be dangerous, so this command is for updates considered "safe" (currently just mutations to metadata `labels`). For unsafe updates, see the dedicated `unsafe update` command. For more general information, see the `namespaces` subcommand. diff --git a/docs/man/policy/attributes/unsafe/_index.md b/docs/man/policy/attributes/unsafe/_index.md index 4ffad81a..0616808c 100644 --- a/docs/man/policy/attributes/unsafe/_index.md +++ b/docs/man/policy/attributes/unsafe/_index.md @@ -8,8 +8,6 @@ command: required: false --- -# Unsafe Changes to Attribute Definitions - Unsafe changes are dangerous mutations to Policy that can significantly change access behavior around existing attributes and entitlement. diff --git a/docs/man/policy/attributes/update.md b/docs/man/policy/attributes/update.md index e77b564a..98ede206 100644 --- a/docs/man/policy/attributes/update.md +++ b/docs/man/policy/attributes/update.md @@ -1,5 +1,5 @@ --- -title: Update an attribute +title: Update an attribute definition command: name: update aliases: @@ -18,8 +18,6 @@ command: default: false --- -# Update an attribute - Attribute Definition changes can be dangerous, so this command is for updates considered "safe" (currently just mutations to metadata `labels`). For unsafe updates, see the dedicated `unsafe update` command. For more general information, see the `attributes` subcommand. diff --git a/docs/man/policy/attributes/values/_index.md b/docs/man/policy/attributes/values/_index.md index 319b66d0..32badd5e 100644 --- a/docs/man/policy/attributes/values/_index.md +++ b/docs/man/policy/attributes/values/_index.md @@ -7,8 +7,6 @@ command: - value --- -# Manage attribute values - Attribute values are the individual units tagged on TDFs containing Resource Data. They are mapped to entitle person and non-person entities through Subject Mappings, to varied terms for tagging providers @@ -26,6 +24,7 @@ Giving data multiple Attribute Values across the same or multiple Definitions/Na by an Entity's mapped Entitlements to result in key release, decryption, and resulting access to TDF'd data. For more information on: + - values, see the `attributes values` subcommand - attribute definitions, see the `attributes` subcommand -- namespaces, see the `attributes namespaces` subcommand \ No newline at end of file +- namespaces, see the `attributes namespaces` subcommand diff --git a/docs/man/policy/attributes/values/create.md b/docs/man/policy/attributes/values/create.md index 22aea852..4cbb232c 100644 --- a/docs/man/policy/attributes/values/create.md +++ b/docs/man/policy/attributes/values/create.md @@ -19,8 +19,6 @@ command: default: '' --- -# Create an attribute value - Add a single new value underneath an existing attribute. For a hierarchical attribute, a new value is added in lowest hierarchy (last). diff --git a/docs/man/policy/attributes/values/deactivate.md b/docs/man/policy/attributes/values/deactivate.md index cf4a0589..13d10eb2 100644 --- a/docs/man/policy/attributes/values/deactivate.md +++ b/docs/man/policy/attributes/values/deactivate.md @@ -8,8 +8,6 @@ command: description: The ID of the attribute value to deactivate --- -# Deactivate an attribute value - Deactivation preserves uniqueness of the attribute value within policy and all existing relations, essentially reserving it. However, a deactivation of an attribute value means it cannot be entitled in an access decision. diff --git a/docs/man/policy/attributes/values/get.md b/docs/man/policy/attributes/values/get.md index 13653637..2cdc5b37 100644 --- a/docs/man/policy/attributes/values/get.md +++ b/docs/man/policy/attributes/values/get.md @@ -10,8 +10,6 @@ command: description: The ID of the attribute value to get --- -# Get an attribute value - Retrieve an attribute value along with its metadata. -For more general information about attribute values, see the `values` subcommand. \ No newline at end of file +For more general information about attribute values, see the `values` subcommand. diff --git a/docs/man/policy/attributes/values/list.md b/docs/man/policy/attributes/values/list.md index bf015b96..95484e88 100644 --- a/docs/man/policy/attributes/values/list.md +++ b/docs/man/policy/attributes/values/list.md @@ -19,8 +19,6 @@ command: default: active --- -# List attribute values - By default, the list will only provide `active` values if unspecified, but the filter can be controlled with the `--state` flag. For more general information about attribute values, see the `values` subcommand. diff --git a/docs/man/policy/attributes/values/unsafe/_index.md b/docs/man/policy/attributes/values/unsafe/_index.md index 4da0a452..56857f77 100644 --- a/docs/man/policy/attributes/values/unsafe/_index.md +++ b/docs/man/policy/attributes/values/unsafe/_index.md @@ -8,8 +8,6 @@ command: required: false --- -# Unsafe Changes to Attribute Values - Unsafe changes are dangerous mutations to Policy that can significantly change access behavior around existing attributes and entitlement. diff --git a/docs/man/policy/attributes/values/update.md b/docs/man/policy/attributes/values/update.md index 0ef6a621..d657722c 100644 --- a/docs/man/policy/attributes/values/update.md +++ b/docs/man/policy/attributes/values/update.md @@ -12,14 +12,12 @@ command: - name: label description: "Optional metadata 'labels' in the format: key=value" shorthand: l - default: "" + default: '' - name: force-replace-labels description: Destructively replace entire set of existing metadata 'labels' with any provided to this command default: false --- -# Update an attribute value - Attribute Value changes can be dangerous, so this command is for updates considered "safe" (currently just mutations to metadata `labels`). For unsafe updates, see the dedicated `unsafe update` command. For more general information, see the `values` subcommand. diff --git a/docs/man/policy/kas-grants/_index.md b/docs/man/policy/kas-grants/_index.md index fa25e88f..8290b3da 100644 --- a/docs/man/policy/kas-grants/_index.md +++ b/docs/man/policy/kas-grants/_index.md @@ -8,8 +8,6 @@ command: - kas-grant --- -## Background - Once Key Access Servers (KASs) have been registered within a platform's policy, they can be assigned grants to various attribute objects (namespaces, definitions, values). diff --git a/docs/man/policy/kas-grants/assign.md b/docs/man/policy/kas-grants/assign.md index ba96d902..390c1bed 100644 --- a/docs/man/policy/kas-grants/assign.md +++ b/docs/man/policy/kas-grants/assign.md @@ -36,8 +36,6 @@ command: default: false --- -# Assign a grant to a KAS - Assign a registered Key Access Server (KAS) to an attribute namespace, definition, or value. -For more information, see `kas-registry` and `kas-grants` manuals. \ No newline at end of file +For more information, see `kas-registry` and `kas-grants` manuals. diff --git a/docs/man/policy/kas-grants/unassign.md b/docs/man/policy/kas-grants/unassign.md index ff3d388a..bb71e1b7 100644 --- a/docs/man/policy/kas-grants/unassign.md +++ b/docs/man/policy/kas-grants/unassign.md @@ -27,8 +27,6 @@ command: description: Force the unassignment with no confirmation --- -# Unassign a grant to a KAS - Unassign a registered Key Access Server (KAS) to an attribute namespace, definition, or value. For more information, see `kas-registry` and `kas-grants` manuals. diff --git a/docs/man/policy/kas-registry/_index.md b/docs/man/policy/kas-registry/_index.md index 33aa4191..8cbe1463 100644 --- a/docs/man/policy/kas-registry/_index.md +++ b/docs/man/policy/kas-registry/_index.md @@ -7,8 +7,6 @@ command: - kas-registries --- -# Manage Key Access Servers registered to the platform - The Key Access Server (KAS) registry is a record of KASes safeguarding access and maintaining public keys. The registry contains critical information like each server's uri, its public key (which can be diff --git a/docs/man/policy/kas-registry/create.md b/docs/man/policy/kas-registry/create.md index e86257db..78a4c80d 100644 --- a/docs/man/policy/kas-registry/create.md +++ b/docs/man/policy/kas-registry/create.md @@ -23,8 +23,6 @@ command: default: '' --- -# Create a KAS registration - Public keys can be stored as either `remote` or `cached` under the following JSON structure. ### Remote @@ -36,19 +34,19 @@ can be retrieved for the registered KAS under the `remote` key, such as `https:/ ```json5 { - "cached": { + cached: { // One or more known public keys for the KAS - "keys":[ + keys: [ { // x509 ASN.1 content in PEM envelope, usually - "pem": "", - // key identifier - "kid": "", + pem: '', + // key identifier + kid: '', // key algorithm (see table below) - "alg": 1 - } - ] - } + alg: 1, + }, + ], + }, } ``` diff --git a/docs/man/policy/kas-registry/delete.md b/docs/man/policy/kas-registry/delete.md index 81fc9bd8..bfff3958 100644 --- a/docs/man/policy/kas-registry/delete.md +++ b/docs/man/policy/kas-registry/delete.md @@ -11,8 +11,6 @@ command: description: Force deletion without interactive confirmation (dangerous) --- -# Delete a registered KAS - Removes knowledge of a KAS (registration) from a platform's policy. If resource data has been TDFd utilizing key splits from the registered KAS, deletion from diff --git a/docs/man/policy/kas-registry/get.md b/docs/man/policy/kas-registry/get.md index 6b99b291..6d35838b 100644 --- a/docs/man/policy/kas-registry/get.md +++ b/docs/man/policy/kas-registry/get.md @@ -11,6 +11,4 @@ command: required: true --- -# Get a registered Key Access Server - For more information about registration of Key Access Servers, see the manual for `kas-registry`. diff --git a/docs/man/policy/kas-registry/list.md b/docs/man/policy/kas-registry/list.md index 70f11723..c7b2ce44 100644 --- a/docs/man/policy/kas-registry/list.md +++ b/docs/man/policy/kas-registry/list.md @@ -6,6 +6,4 @@ command: - l --- -# List KASes registered within a platform - For more information about registration of Key Access Servers, see the manual for `kas-registry`. diff --git a/docs/man/policy/kas-registry/update.md b/docs/man/policy/kas-registry/update.md index c3fd3956..2fbf295f 100644 --- a/docs/man/policy/kas-registry/update.md +++ b/docs/man/policy/kas-registry/update.md @@ -27,8 +27,6 @@ command: default: false --- -# Update a registered KAS - Update the `uri`, `metadata`, or key material (remote/cached) for a KAS registered to the platform. If resource data has been TDFd utilizing key splits from the registered KAS, deletion from diff --git a/docs/man/policy/resource-mappings/_index.md b/docs/man/policy/resource-mappings/_index.md index d2e28929..cb7b3836 100644 --- a/docs/man/policy/resource-mappings/_index.md +++ b/docs/man/policy/resource-mappings/_index.md @@ -8,8 +8,6 @@ command: - resource-mapping --- -# Manage Resource Mappings - Resource mappings are used to map resources to their respective attribute values based on the terms that are related to the data. Alone, this service is not very useful, but when combined with a PEP or PDP that can use the resource mappings it becomes a powerful tool for automating access control. diff --git a/docs/man/policy/resource-mappings/create.md b/docs/man/policy/resource-mappings/create.md index 8f3a8fe6..20ba76f0 100644 --- a/docs/man/policy/resource-mappings/create.md +++ b/docs/man/policy/resource-mappings/create.md @@ -8,19 +8,17 @@ command: - c flags: - name: attribute-value-id - description: The ID of the attribute value to map to the resource - default: "" + description: The ID of the attribute value to map to the resource. + default: '' - name: terms - description: The synonym terms to match for the resource mapping - default: "" + description: The synonym terms to match for the resource mapping. + default: '' - name: label description: "Optional metadata 'labels' in the format: key=value" shorthand: l - default: "" + default: '' --- -# Create a resource mapping - Associate an attribute value with a set of plaintext string terms. -For more information about resource mappings, see the `resource-mappings` subcommand. \ No newline at end of file +For more information about resource mappings, see the `resource-mappings` subcommand. diff --git a/docs/man/policy/resource-mappings/delete.md b/docs/man/policy/resource-mappings/delete.md index 6a9bbb29..3eba3329 100644 --- a/docs/man/policy/resource-mappings/delete.md +++ b/docs/man/policy/resource-mappings/delete.md @@ -10,6 +10,4 @@ command: description: Force deletion without interactive confirmation (dangerous) --- -# Delete a resource mapping - For more information about resource mappings, see the `resource-mappings` subcommand. diff --git a/docs/man/policy/resource-mappings/get.md b/docs/man/policy/resource-mappings/get.md index 43257a15..22e8c9a4 100644 --- a/docs/man/policy/resource-mappings/get.md +++ b/docs/man/policy/resource-mappings/get.md @@ -6,10 +6,8 @@ command: - g flags: - name: id - description: The ID of the resource mapping to get - default: "" + description: The ID of the resource mapping to get. + default: '' --- -# Get a resource mapping - -For more information about resource mappings, see the `resource-mappings` subcommand. \ No newline at end of file +For more information about resource mappings, see the `resource-mappings` subcommand. diff --git a/docs/man/policy/resource-mappings/list.md b/docs/man/policy/resource-mappings/list.md index 3c90081f..57a1186c 100644 --- a/docs/man/policy/resource-mappings/list.md +++ b/docs/man/policy/resource-mappings/list.md @@ -6,6 +6,4 @@ command: - l --- -# List resource mappings - For more information about resource mappings, see the `resource-mappings` subcommand. diff --git a/docs/man/policy/resource-mappings/update.md b/docs/man/policy/resource-mappings/update.md index 555808b5..8f367583 100644 --- a/docs/man/policy/resource-mappings/update.md +++ b/docs/man/policy/resource-mappings/update.md @@ -6,25 +6,23 @@ command: - u flags: - name: id - description: The ID of the resource mapping to update - default: "" - - name: attribute-value-id - description: The ID of the attribute value to map to the resource - default: "" + description: The ID of the resource mapping to update. + default: '' + - name: attribute-value-id + description: The ID of the attribute value to map to the resource. + default: '' - name: terms - description: The synonym terms to match for the resource mapping - default: "" + description: The synonym terms to match for the resource mapping. + default: '' - name: label description: "Optional metadata 'labels' in the format: key=value" shorthand: l - default: "" + default: '' - name: force-replace-labels description: Destructively replace entire set of existing metadata 'labels' with any provided to this command default: false --- -# Update a resource mapping - Alter the attribute value associated with a resource mapping's terms, or fully replace the terms in a given resource mapping. -For more information about resource mappings, see the `resource-mappings` subcommand. \ No newline at end of file +For more information about resource mappings, see the `resource-mappings` subcommand. diff --git a/docs/man/policy/subject-condition-sets/_index.md b/docs/man/policy/subject-condition-sets/_index.md index fd9d56bb..b6f67178 100644 --- a/docs/man/policy/subject-condition-sets/_index.md +++ b/docs/man/policy/subject-condition-sets/_index.md @@ -8,8 +8,6 @@ command: - subject-condition-set --- -# Manage subject condition sets - Subject Condition Sets (SCSs) are the logical resolvers of entitlement to attributes. An SCS contains AND/OR groups of conditions with IN/NOT_IN/CONTAINS logic to be applied against diff --git a/docs/man/policy/subject-condition-sets/create.md b/docs/man/policy/subject-condition-sets/create.md index 814ec270..f5605d44 100644 --- a/docs/man/policy/subject-condition-sets/create.md +++ b/docs/man/policy/subject-condition-sets/create.md @@ -27,8 +27,6 @@ command: default: false --- -# Create a Subject Condition Set - ### Example Subject Condition Sets `--subject-sets` example input: @@ -95,4 +93,4 @@ If any condition in the group is not met (such as if `.org.name` were `marketing the condition set would not resolve to true, and the Subject would not be found to be entitled to the Attribute Value applicable to this Subject Condition Set via Subject Mapping between. -For more information about subject condition sets, see the `subject-condition-sets` subcommand. \ No newline at end of file +For more information about subject condition sets, see the `subject-condition-sets` subcommand. diff --git a/docs/man/policy/subject-condition-sets/delete.md b/docs/man/policy/subject-condition-sets/delete.md index d5a9f1e1..9a075c0f 100644 --- a/docs/man/policy/subject-condition-sets/delete.md +++ b/docs/man/policy/subject-condition-sets/delete.md @@ -10,6 +10,4 @@ command: required: true --- -# Delete a subject condition set - -For more information about subject condition sets, see the `subject-condition-sets` subcommand. \ No newline at end of file +For more information about subject condition sets, see the `subject-condition-sets` subcommand. diff --git a/docs/man/policy/subject-condition-sets/get.md b/docs/man/policy/subject-condition-sets/get.md index 5e510bf5..764b104a 100644 --- a/docs/man/policy/subject-condition-sets/get.md +++ b/docs/man/policy/subject-condition-sets/get.md @@ -12,6 +12,4 @@ command: required: true --- -# Get a subject condition set - -For more information about subject condition sets, see the `subject-condition-sets` subcommand. \ No newline at end of file +For more information about subject condition sets, see the `subject-condition-sets` subcommand. diff --git a/docs/man/policy/subject-condition-sets/list.md b/docs/man/policy/subject-condition-sets/list.md index 99e19d58..4ab11705 100644 --- a/docs/man/policy/subject-condition-sets/list.md +++ b/docs/man/policy/subject-condition-sets/list.md @@ -7,6 +7,4 @@ command: - l --- -# List subject condition sets - -For more information about subject condition sets, see the `subject-condition-sets` subcommand. \ No newline at end of file +For more information about subject condition sets, see the `subject-condition-sets` subcommand. diff --git a/docs/man/policy/subject-condition-sets/update.md b/docs/man/policy/subject-condition-sets/update.md index 2bce68dc..9d5b3d67 100644 --- a/docs/man/policy/subject-condition-sets/update.md +++ b/docs/man/policy/subject-condition-sets/update.md @@ -28,8 +28,6 @@ command: default: false --- -# Update a subject condition set - Replace the existing conditional logic within an SCS with new conditional logic, passing either JSON directly or a JSON file. For more information about subject condition sets, see the `subject-condition-sets` subcommand. diff --git a/docs/man/policy/subject-mappings/_index.md b/docs/man/policy/subject-mappings/_index.md index fda40ffc..4b6d01ec 100644 --- a/docs/man/policy/subject-mappings/_index.md +++ b/docs/man/policy/subject-mappings/_index.md @@ -9,8 +9,6 @@ command: - subject-mapping --- -# Manage subject mappings - As data is bound to fully qualified Attribute Values when encrypted within a TDF, Entities are entitled to Attribute Values through a mechanism called Subject Mappings. A Subject Mapping (SM) is the relation of a Subject Condition Set (SCS, see `subject-condition-sets` command) diff --git a/docs/man/policy/subject-mappings/create.md b/docs/man/policy/subject-mappings/create.md index 656e81ac..4b24b7e2 100644 --- a/docs/man/policy/subject-mappings/create.md +++ b/docs/man/policy/subject-mappings/create.md @@ -39,10 +39,8 @@ command: default: '' --- -# Create a subject mapping - Create a Subject Mapping to entitle an entity (via existing or new Subject Condition Set) to an Attribute Value. -For more information about subject mappings, see the `subject-mappings` subcommand. +For more information about subject mappings, see the `subject-mappings` subcommand. For more information about subject condition sets, see the `subject-condition-sets` subcommand. diff --git a/docs/man/policy/subject-mappings/delete.md b/docs/man/policy/subject-mappings/delete.md index a6d59a0f..c2af25ac 100644 --- a/docs/man/policy/subject-mappings/delete.md +++ b/docs/man/policy/subject-mappings/delete.md @@ -12,8 +12,6 @@ command: description: Force deletion without interactive confirmation (dangerous) --- -# Delete a subject mapping - Delete a Subject Mapping to remove entitlement of an entity (via Subject Condition Set) to an Attribute Value. For more information about subject mappings, see the `subject-mappings` subcommand. diff --git a/docs/man/policy/subject-mappings/get.md b/docs/man/policy/subject-mappings/get.md index 5271bab8..75e2197c 100644 --- a/docs/man/policy/subject-mappings/get.md +++ b/docs/man/policy/subject-mappings/get.md @@ -1,5 +1,5 @@ --- -title: Get a subject mapping by id +title: Get a subject mapping command: name: get aliases: @@ -9,11 +9,9 @@ command: description: The ID of the subject mapping to get shorthand: i required: true - default: "" + default: '' --- -# Get a subject mapping - Retrieve the specifics of a Subject Mapping. -For more information about subject mappings, see the `subject-mappings` subcommand. \ No newline at end of file +For more information about subject mappings, see the `subject-mappings` subcommand. diff --git a/docs/man/policy/subject-mappings/list.md b/docs/man/policy/subject-mappings/list.md index da2436de..e433bb6b 100644 --- a/docs/man/policy/subject-mappings/list.md +++ b/docs/man/policy/subject-mappings/list.md @@ -6,6 +6,4 @@ command: - l --- -# List subject mappings - For more information about subject mappings, see the `subject-mappings` subcommand. diff --git a/docs/man/policy/subject-mappings/update.md b/docs/man/policy/subject-mappings/update.md index 4bb324b1..3f4abf07 100644 --- a/docs/man/policy/subject-mappings/update.md +++ b/docs/man/policy/subject-mappings/update.md @@ -35,8 +35,6 @@ command: default: false --- -# Update a subject mapping - Update a Subject Mapping to alter entitlement of an entity to an Attribute Value. `Actions` are updated in place, destructively replacing the current set. If you want to add or remove actions, you must provide the full set of actions on update.