security dynamic-authorization trust-score-component create
Create a trust score component
Availability: This command is available to cluster and Vserver administrators at the admin privilege level.
Description
The security dynamic-authorization trust-score-component create
command creates and registers a custom trust score component. Administrators can use this command to configure trust score components in addition to or as an alternative to built-in components.
Parameters
-vserver <vserver name>
- Vserver-
This parameter optionally specifies the Vserver associated with the custom trust score component. If this parameter is specified, the setting applies to that Vserver only. If not specified, the cluster Vserver setting is used.
-component <text>
- Component Name-
The name of the custom component used to obtain the trust score. This must be unique within the Vserver.
[-weight <integer>]
- Score Weight-
An integer giving the raw weight of the component, indicating the importance of the component relative to other components for calculating the trust score. Built-in components have a default weightage of
20
. [-provider-uri {scheme://(hostname|IPv4 Address|'['IPv6 Address']')…}]
- Trust Score Provider URI of Component-
The trust score provider URI to obtain the trust score for the component. The response from the URI must be in JSON.
[-max-score <integer>]
- Max Trust Score of Component-
The maximum score for the component. The default value is
20
. [-min-score <integer>]
- Min Trust Score of Component-
The minimum score for the component. The default value is
0
. [-score-field <text>]
- Score field to check in JSON response-
The field within the JSON response to obtain the trust score.
[-score-type {trust-score|risk-score}]
- Score Type-
This parameter specifies if the score returned from the component is trust score or risk score. The trust score is in ascending order with a higher score denoting a higher trust level, while the risk score is in descending order. The default value is
trust-score
. [-secret-access-key <text>]
- Access key for trust score provider-
An optional field giving the access key for the trust score provider. This is used to authenticate to the provider.
[-provider-http-headers <text>,…]
- Provider HTTP headers-
An optional list of HTTP headers required by the trust score provider.
Examples
The following command creates a dynamic authorization custom component for the Administrative Vserver. The username is a parameter that will be replaced with the actual username at run-time:
cluster1::> security dynamic-authorization trust-score-component create -component comp1 -weight 20 -max-score 500 -provider-uri https://provider.example.com/trust-scores/users/${username}/component -score-field score