avp-cli/scenarios/ecommerceHierarchyAndAbacScenario/ecommerceHierarchyAndAbacScenario.json

Small CLI to help interacts with the Amazon Verified Permissions (AVP) service.

{
  "validationMode": "STRICT",
  "policyStoreDescription": "Policy store for the Hierarchy and ABAC Scenario, created via avp-cli tool",
  "name": "Ecommerce with Hierarchy and ABAC Scenario",
  "description": "This scenario demonstrates the use of Hierarchy and ABAC (with Entities) in Amazon Verified Permissions. It allows sellers to sell car if department matches the car's department.",
  "schemaPath": "./scenarios/ecommerceHierarchyAndAbacScenario/schema.json",
  "policies": [
    {
      "path": "./scenarios/ecommerceHierarchyAndAbacScenario/allow_policy.cedar",
      "description": "Allows sellers to sell car if department matches the car's department"
    }
  ],
  "tests": [
    {
     "path": "./scenarios/ecommerceHierarchyAndAbacScenario/allow_test_1.json",
      "description": "User 1 is allowed the ability to sell (action) porsche car (resource).",
      "type": "allow"
    },
    {
     "path": "./scenarios/ecommerceHierarchyAndAbacScenario/deny_test_1.json",
      "description": "User 1 is denied the ability to sell (action) porsche car (resource), due to not matching departments.",
      "type": "forbid"
    },
    {
     "path": "./scenarios/ecommerceHierarchyAndAbacScenario/deny_test_2.json",
      "description": "User 1 is denied the ability to sell (action) porsche car (resource), due to not matching department name.",
      "type": "forbid"
    }
  ]
}