Skip to content

Instantly share code, notes, and snippets.

@miya0001

miya0001/readonly.sh

Created April 9, 2026 02:25
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save miya0001/bf920c2ba77687cedd7fc6fba2e505fd to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save miya0001/bf920c2ba77687cedd7fc6fba2e505fd to your computer and use it in GitHub Desktop.
Download ZIP
一般ユーザーをreadonlyにする
Raw
readonly.sh
geonic admin policies create '{
"policyId": "user-readonly",
"description": "user ロールをデータ API で読み取り専用に制限",
"target": {
"subjects": [{"attributeId": "role", "matchValue": "user"}]
},
"ruleCombiningAlgorithm": "first-applicable",
"rules": [
{
"ruleId": "deny-post",
"effect": "Deny",
"target": {
"actions": [{"attributeId": "method", "matchValue": "POST"}],
"resources": [
{"attributeId": "path", "matchValue": "/v2/**"},
{"attributeId": "path", "matchValue": "/ngsi-ld/**"}
]
}
},
{
"ruleId": "deny-patch",
"effect": "Deny",
"target": {
"actions": [{"attributeId": "method", "matchValue": "PATCH"}],
"resources": [
{"attributeId": "path", "matchValue": "/v2/**"},
{"attributeId": "path", "matchValue": "/ngsi-ld/**"}
]
}
},
{
"ruleId": "deny-put",
"effect": "Deny",
"target": {
"actions": [{"attributeId": "method", "matchValue": "PUT"}],
"resources": [
{"attributeId": "path", "matchValue": "/v2/**"},
{"attributeId": "path", "matchValue": "/ngsi-ld/**"}
]
}
},
{
"ruleId": "deny-delete",
"effect": "Deny",
"target": {
"actions": [{"attributeId": "method", "matchValue": "DELETE"}],
"resources": [
{"attributeId": "path", "matchValue": "/v2/**"},
{"attributeId": "path", "matchValue": "/ngsi-ld/**"}
]
}
}
],
"priority": 100
}'
@miya0001
Copy link
Copy Markdown
Author

miya0001 commented Apr 9, 2026

このポリシーを無効化するには以下のコマンドで

geonic admin policies deactivate user-readonly

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment