Schema JSON Reference
JSON Syntax for /ObjectSchema endpoints.
ObjectSchema
Each schema consists of Policies and Actions.
The policies will be used to classify the objects and the actions will allow Governor Users to manage related objects.
{
// Object Schema ID
"id": "string",
// Object Schema Name
"name": "string",
// Is the Object Schema enabled?
"enabled": true,
// Object Type ID of the underlying object type
"objectType": "<ObjectType.ID>",
// A list of policies to match objects
"policies": #ObjectSchema.policies,
// A list of actions that can be invoked on objects matching this schema
"customActions": #ObjectSchema.customActions,
// Property name of the recycle bin flag
"recycleBinFlag": "<ConfigurationType.id>.<Property.id>",
// Override master key properties from object type
"customMasterKeyProperties": ["<ConfigurationType.id>.<Property.id>", ...],
// Default lifecycle for this kind of objects
"defaultLifecycle": "Ignore" | "Apply" | ...,
// Default expiration time for this kind of objects
"objectsExpireAfter": "(D.)HH:MM:SS",
// Additional UI Properties
"uiProperties": #ObjectSchema.uiProperties,
}
ObjectSchema.policies
{
"policies": [
{
// Policy type
"policyType": "Require" | "Enforce" | "Propose" | "Match" | "Extract",
// Configuration Type and property that are affected by this policy
"configurationType": "<ConfigurationType.id>",
"field": "<Property.id>",
// The policy value depends on the policy type
"value": "string" | number | boolean | ...,
// Some policies allow you to use a powershell formula instead of a literal value
"isExpression": true
}
]
}
Policy(policyType=Require)
The Require policy type matches when the target field value is not empty.
{
// Policy type
"policyType": "Require",
// Configuration Type and property that are affected by this policy
"configurationType": "AzureADUser",
"field": "mail",
// Is the field required?
"value": true
}
Policy(policyType=Enforce)
The Enforce policy type will enforce a field value.
Supports Expressions.
{
// Policy type
"policyType": "Enforce",
// Configuration Type and property that are affected by this policy
"configurationType": "AzureADUser",
"field": "onPremisesSyncEnabled",
// The enforced field value
"value": false
}
Policy(policyType=Propose)
The Propose policy type will propose a value if the field is empty.
Supports Expressions.
{
// Policy type
"policyType": "Propose",
// Configuration Type and property that are affected by this policy
"configurationType": "AzureADUser",
"field": "mail",
// Proposed value for the field
"value": "return \"{0}.{1}@databoat.ch\" -f $AzureADUser.givenName.ToLower(), $AzureADUser.surname.ToLower()",
// Value is a powershell formula?
"isExpression": true
}
Policy(policyType=Match)
The Match policy type will use a powershell formula to determine whether object matches the schema.
Match policies are always expressions.
{
// Policy type
"policyType": "Match",
// Matching expression
"value": "if ($AzureADUser.mail.EndsWith('@databoat.ch')) { return 1 } else { return 0 }"
}
Policy(policyType=Extract)
The Extract policy type will use a powershell formula to extract values into a field.
Supports Expressions.
{
// Policy type
"policyType": "Extract",
// Configuration Type and property to compute from other values
"configurationType": "AzureADUser",
"field": "mail",
// Powershell formula for value extraction
"value": "return \"{0}.{1}@databoat.ch\" -f $AzureADUser.givenName.ToLower(), $AzureADUser.surname.ToLower()"
}
ObjectSchema.customActions
{
"customActions": [
{
// Action name
// Reconciler Actions: Create | Update | Remove | Delete | Destroy | Decommission
// Extension Actions: <any other name>
"name": "string",
// Executor actions to invoke as part of this action definition.
// If the action is prefixed by "[<ConfigurationType.id>]" the reconciler will only
// check that configuration type's conditions to decide which action to invoke.
"actions": ["[<ConfigurationType.id>]<ScriptAction>", "<ScriptAction>"],
// Action Parameters for Extension Actions (Reconciler actions will ignore any declared parameters).
"parameters"?: #CustomAction.parameters,
// Configure the UI appearance for this action
"uiProperties"?: {
"displayText"?: "string",
"hideAction"?: true,
"iconClass"?: "string",
"showInActionBar"?: true
}
}
]
}
CustomAction.parameters
Custom Action parameters can be added to any Extension Action.
Custom Action Parameters are not supported on Reconciler actions.
See ConfigurationType > ConfigurationProperty section for more details.
{
"parameters": [
{
// Action Parameter ID
"id": "string",
// Action Parameter Display Name
"displayName": "string",
// Action Parameter Type -> same as for ConfigurationType.properties + Password
"type": "Text" | "MultiLineText" | "Choice" | "YesNo" | "Integer" | "Number" | "TimeOfDay" |
"ObjectRef" | "ObjectRefList" | "Password",
// Action Parameter Help Text
"helpText"?: "string",
// Is the action parameter value nullable?
"notNullable": true,
// Action Parameter ordering
"order": 0,
// Bind a governed object property to this action parameter
"boundProperty"?: "string",
// Default value to the action parameter
"defaultValue": "string",
// Additional properties for the action parameter
"properties"?: {
// ... for Choice fields
"choice"?: {
// A list of values to pick from
"allowedValues": ["string"]
},
// ... for ObjectRef fields
"objectRef"?: {
// Configuration Type to pick from
"configurationType": "string",
// Value field to use as parameter value
"field": "string",
// Display field to show in the picker components
"displayField": "string"
},
// ... Limitations for strings and numeric fields
"limits"?: {
"minValue"?: 0,
"maxValue"?: 0,
"type": "string"
}
}
}
]
}
ObjectSchema.uiProperties
{
"uiProperties": {
"endUserFormFields": ["string"]
}
}