Mapped Security
The Google Cloud Storage Connector supports mapped security. When you set the configuration parameter MappedSecurity
to TRUE
, an Access Control List (ACL) is added to each IDOL document and the SECURITYTYPE
document field is set.
Security Type | Type=AUTONOMY_SECURITY_V4_GENERIC_MAPPED SecurityACLFormat=<E=B!>:U:<U=SLE+>:G:<G=SLE+> SecurityACLCheck=E=1?P:-,U=[U]?P:-,G=[G]?P:F |
ACL Format |
If the value of the |
SECURITYTYPE Field Value |
GOOGLECLOUDSTORAGE
|
The following is an example security configuration for the IDOL Content component:
//----------------- Field Processing ---------------------// [FieldProcessing] ... 30=DetectGoogleCloudStorage [DetectGoogleCloudStorage] PropertyFieldCSVs=*/SECURITYTYPE PropertyMatch=GOOGLECLOUDSTORAGE Property=SecurityGoogleCloudStorage //----------------- Properties ---------------------// [SecurityGoogleCloudStorage] SecurityType=GoogleCloudStorage //----------------- Document Security --------------------// [Security] 0=GoogleCloudStorage [GoogleCloudStorage] SecurityCode=1 Library=./modules/mapped_security.dll // or mapped_security.so on Linux Type=AUTONOMY_SECURITY_V4_GENERIC_MAPPED SecurityACLFormat=<E=B!>:U:<U=SLE+>:G:<G=SLE+> SecurityACLCheck=E=1?P:-,U=[U]?P:-,G=[G]?P:F
The connector supports the SynchronizeGroups
fetch action, which can be used by OmniGroupServer to retrieve users and groups that are defined in Google Cloud Storage projects and buckets. Permissions in Google Cloud Storage can also be assigned to users and groups defined in a Google Directory. To retrieve users and groups from a Google Directory, you must use the ogs_google
module in OmniGroupServer. After retrieving users and groups from both sources, configure a third task to combine the users and groups into a single OmniGroupServer repository.