ONTAP 9.15.1 commands

security dynamic-authorization trust-score-component create

Create a trust score component

Availability: This command is available to cluster and Vserver administrators at the admin privilege level.

Description

The security dynamic-authorization trust-score-component create command creates and registers a custom trust score component. Administrators can use this command to configure trust score components in addition to or as an alternative to built-in components.

Parameters

-vserver <vserver name> - Vserver

This parameter optionally specifies the Vserver associated with the custom trust score component. If this parameter is specified, the setting applies to that Vserver only. If not specified, the cluster Vserver setting is used.

-component <text> - Component Name

The name of the custom component used to obtain the trust score. This must be unique within the Vserver.

[-weight <integer>] - Score Weight

An integer giving the raw weight of the component, indicating the importance of the component relative to other components for calculating the trust score. Built-in components have a default weightage of 20 .

[-provider-uri {scheme://(hostname|IPv4 Address|'['IPv6 Address']')…​}] - Trust Score Provider URI of Component

The trust score provider URI to obtain the trust score for the component. The response from the URI must be in JSON.

[-max-score <integer>] - Max Trust Score of Component

The maximum score for the component. The default value is 20 .

[-min-score <integer>] - Min Trust Score of Component

The minimum score for the component. The default value is 0 .

[-score-field <text>] - Score field to check in JSON response

The field within the JSON response to obtain the trust score.

[-score-type {trust-score|risk-score}] - Score Type

This parameter specifies if the score returned from the component is trust score or risk score. The trust score is in ascending order with a higher score denoting a higher trust level, while the risk score is in descending order. The default value is trust-score .

[-secret-access-key <text>] - Access key for trust score provider

An optional field giving the access key for the trust score provider. This is used to authenticate to the provider.

[-provider-http-headers <text>,…​] - Provider HTTP headers

An optional list of HTTP headers required by the trust score provider.

Examples

The following command creates a dynamic authorization custom component for the Administrative Vserver. The username is a parameter that will be replaced with the actual username at run-time:

cluster1::> security dynamic-authorization trust-score-component create -component comp1 -weight 20 -max-score 500 -provider-uri https://provider.example.com/trust-scores/users/${username}/component -score-field score
Top of Page