6.2 Related Governance Attributes for Access Control
This section describes the Access Control attributes that appear in the Governance Document.
6.2.1 domain_rule
The following attributes belong inside a <domain_rule>:
- enable_join_access_control may be TRUE or FALSE. It controls whether or not remote DomainParticipant permissions are checked when a remote DomainParticipant is discovered. Local DomainParticipant permissions are always checked using the local DomainParticipant’s Permissions Document. There is no way to configure whether or not local DomainParticipant permissions are checked when a DomainParticipant is created.
- topic_access_rules contains one or more topic_rule attributes.
6.2.2 topic_rule
The following attributes belong inside a <topic_rule>:
- enable_read_access_control
- enable_write_access_control
These attributes may be TRUE or FALSE. They control whether or not DataReader or DataWriter permissions are checked. If enable_read_access_control is TRUE for a given topic, the local permissions are enforced on locally created DataReaders of that topic, and the remote permissions are enforced on remotely discovered DataReaders of that topic. Similar logic applies to enable_write_access_control and DataWriters.
6.2.3 No Matching Rule
If no matching domain or topic rule is found, the Entity creation will fail.
© 2020 RTI