Skip to content

Action Overview and explanation

Actions are the functional permissions between an acting [subject] and an acted on [object]. They allow you to fine-tune access patterns to your requirements.

List of all available actions

Resource Type Action Description
Prefix mdsp:core:idl:prefix:read Read a prefix (an object in an Integrated Data Lake), to download data from Data Lake
Prefix mdsp:core:idl:prefix:write Create a prefix, to upload data into Data Lake
Prefix mdsp:core:idl:prefix:delete Delete a prefix, to delete data (single object or in bulk) from Data Lake
Asset mdsp:core:assetmanagement:asset:read Allows a user to read given asset
Asset mdsp:core:assetmanagement:asset:write Allows a user to make modifications on given asset (on which policy is being created). This means
  • user can update/delete given asset
  • user can create a new asset with given asset as its parent
  • user can update its location
  • user can move given asset under other asset on which user has write access
Asset mdsp:core:eventmanagement:event:allow Allows a user to read, create, bulk create and update access to events of corresponding asset
Asset mdsp:core:iotservices:timeseries:write_normal Allows a user to push timeseries data for single Asset/Aspect
Asset mdsp:core:iotservices:timeseries:write_multiassetmultiaspect Allows a user to push timeseries data for multiple Asset/Aspects
Asset mdsp:core:iotservices:timeseries:write_bulk Allows a user to import high frequency timeseries data
Asset mdsp:core:iotservices:timeseries:write_merge Allows a user to push timeseries data as patch/merge operation for single Asset/Aspect
Asset mdsp:core:iotservices:timeseries:read Allows a user to read ingested or aggregated timeseries data, also used to import timeseries data into Data Lake
Asset mdsp:core:iotservices:timeseries:delete Allows a user to delete timeseries data
Asset mdsp:core:iotservices:timeseries:subscribe Allows a user to read, create, delete timeseries subscription data
Asset mdsp:core:iotservices:files:write Allows a user to perform File write operation (single or multi-part write)
Asset mdsp:core:iotservices:files:read Allows a user to perform File read operation (single or multi-part read)
Asset mdsp:core:iotservices:files:delete Allows a user to perform File delete operation

Dependencies among Actions

Some actions have others as a prerequisite. To avoid inconsistencies, they are enforced during creation of policies.

Info

The Policy Editor will show you these dependencies during configuration.

Action Depends On
mdsp:core:assetmanagement:asset:write mdsp:core:assetmanagement:asset:read
mdsp:core:eventmanagement:event:allow mdsp:core:assetmanagement:asset:read
mdsp:core:iotservices:timeseries:write_normal mdsp:core:assetmanagement:asset:read
mdsp:core:iotservices:timeseries:write_multiassetmultiaspect mdsp:core:assetmanagement:asset:read
mdsp:core:iotservices:timeseries:write_bulk mdsp:core:assetmanagement:asset:read
mdsp:core:iotservices:files:write
mdsp:core:iotservices:files:read
mdsp:core:iotservices:timeseries:write_merge mdsp:core:assetmanagement:asset:read
mdsp:core:iotservices:timeseries:read mdsp:core:assetmanagement:asset:read
mdsp:core:iotservices:timeseries:delete mdsp:core:assetmanagement:asset:read
mdsp:core:iotservices:timeseries:subscribe mdsp:core:assetmanagement:asset:read
mdsp:core:iotservices:timeseries:read
mdsp:core:iotservices:files:write mdsp:core:assetmanagement:asset:read
mdsp:core:iotservices:files:read mdsp:core:assetmanagement:asset:read
mdsp:core:iotservices:files:delete mdsp:core:assetmanagement:asset:read

Any questions left?

Ask the community


Except where otherwise noted, content on this site is licensed under the MindSphere Development License Agreement.


Last update: February 22, 2022