Grouper: Typical Policy Configuration

The ForetenIT (fictional IT system) stakeholder has requested a Grouper app stem for their system. The Stakeholder identifies the populations for each access level. They don't need to know the technical data, just the logic. The Grouper Admin translates those rules into separate Policy Groups.

  • Policy 1: FortenIT Admins:
    • Stakeholder requirement: "I want the 5 people on the core IT project team to have full control."
    • Policy group includes: An ad hoc group where the Stakeholder can directly add the 5 IT team members.
    • Members of the FortenIT Admins policy group have Create/Read/Write permissions in FortenIT
  • Policy 2: FortenIT Researchers:
    • Stakeholder requirement: "This should be all Active Faculty in the Science department, plus two guest researchers from another university."
    • Policy group includes: A Reference group (Active Science Dept Faculty) plus an adhoc group (for the 2 guests). 
    • Members of the FortenIT Researchers policy group have Read/Write permissions in FortenIT
  • Policy 3: FortenIT Students:
    • Stakeholder requirement: "Any currently enrolled student can view data, unless they are on Leave of Absence."
    • Policy group includes: A Reference group (Active Students) minus a "deny" group (students on Leave of Absence). 
    • Members of the FortenIT Students policy group have view only permissions in FortenIT

Last modified

Changed

TDX ID

TDX ID
8247