pub struct Policy {
pub policy_version: Policy_PolicyVersion,
pub trust_domain: TrustDomain,
pub engine_hint: Option<Policy_EngineHint>,
pub rules: Vec<Rule>,
pub negative_capabilities: Option<Vec<NegativeCapability>>,
pub quorum_defaults: Option<Policy_QuorumDefaults>,
pub continuous_reevaluation: Option<Policy_ContinuousReevaluation>,
}Expand description
Declarative policy definition referenced by TF-0004. Backend-agnostic (Cedar, Rego, custom, native, none).
Fields§
§policy_version: Policy_PolicyVersionVersion of the policy manifest schema itself.
trust_domain: TrustDomainTrust domain this policy applies within.
engine_hint: Option<Policy_EngineHint>Policy engine that interprets this manifest.
rules: Vec<Rule>Policy rules evaluated top-to-bottom until a match yields a decision.
negative_capabilities: Option<Vec<NegativeCapability>>Explicit denials that override grants regardless of rule order.
quorum_defaults: Option<Policy_QuorumDefaults>Default quorum settings when a rule requests quorum approval without specifying one.
continuous_reevaluation: Option<Policy_ContinuousReevaluation>When live sessions must re-check this policy during execution.
Trait Implementations§
Source§impl<'de> Deserialize<'de> for Policy
impl<'de> Deserialize<'de> for Policy
Source§fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where
__D: Deserializer<'de>,
fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where
__D: Deserializer<'de>,
Deserialize this value from the given Serde deserializer. Read more
impl Eq for Policy
impl StructuralPartialEq for Policy
Auto Trait Implementations§
impl Freeze for Policy
impl RefUnwindSafe for Policy
impl Send for Policy
impl Sync for Policy
impl Unpin for Policy
impl UnsafeUnpin for Policy
impl UnwindSafe for Policy
Blanket Implementations§
Source§impl<'a, T, E> AsTaggedExplicit<'a, E> for Twhere
T: 'a,
impl<'a, T, E> AsTaggedExplicit<'a, E> for Twhere
T: 'a,
Source§impl<'a, T, E> AsTaggedImplicit<'a, E> for Twhere
T: 'a,
impl<'a, T, E> AsTaggedImplicit<'a, E> for Twhere
T: 'a,
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
Source§impl<T> CloneToUninit for Twhere
T: Clone,
impl<T> CloneToUninit for Twhere
T: Clone,
impl<T> DeserializeOwned for Twhere
T: for<'de> Deserialize<'de>,
Source§impl<Q, K> Equivalent<K> for Q
impl<Q, K> Equivalent<K> for Q
Source§impl<Q, K> Equivalent<K> for Q
impl<Q, K> Equivalent<K> for Q
Source§impl<Q, K> Equivalent<K> for Q
impl<Q, K> Equivalent<K> for Q
Source§fn equivalent(&self, key: &K) -> bool
fn equivalent(&self, key: &K) -> bool
Compare self to
key and return true if they are equal.Source§impl<T> IntoEither for T
impl<T> IntoEither for T
Source§fn into_either(self, into_left: bool) -> Either<Self, Self>
fn into_either(self, into_left: bool) -> Either<Self, Self>
Converts
self into a Left variant of Either<Self, Self>
if into_left is true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read moreSource§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
Converts
self into a Left variant of Either<Self, Self>
if into_left(&self) returns true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read more