This topic describes the features of the Services Security view > Settings tab.
In the Services Security view Settings tab, Administrators can enable and configure system roles that define permissions on a per meta key basis for individual Brokers, Concentrators, Decoders, and Log Decoders. Configuring this feature adds configurable meta keys to the Services Security view > Roles tab so that individual meta keys can be applied to specific roles on a specific service. The following figure illustrates the result of SDK meta key roles being enabled for a Decoder.
This configuration is generally part of a data privacy plan implemented to ensure that specific types of content consumed or aggregated by a service are kept secure by limiting visibility of the meta data and content to privileged users (see Data Privacy Management).
To display the tab:
- In the Security Analytics menu, select Administration > Services.
- In the Services grid, select a Decoder or Log Decoder service and
> View > Security and click the Settings tab.
Features
The tab includes two features.
| Feature | Description |
|---|---|
| SDK Meta Role Permissions field | Provides option for disabling or configuring meta key and content restrictions. The filtering options are described. |
| Apply button | Applies the selected configuration immediately. If not disabled, the meta keys are added to the Roles tab so they can be applied to specific roles. |
SDK Meta Role Permissions Options
The following table lists the filtering options available in the SDK Meta Role Permissions selection list, and the numeric values used to disable (0) and the types of filtering (1 through 6).
Note: There is no need to know the numeric value unless configuring meta and content visibility manually in the system.roles node.
| system.roles Node Value | Settings Tab Option | Description |
|---|---|---|
| 0 | No Filtering (Disabled) | System roles that define permissions on a per meta key basis are disabled. |
| 1 | Whitelist meta and content | Meta and content for the specified SDK meta roles are white listed, or visible to users assigned the system role. |
| 2 | Whitelist only meta | Meta for the specified SDK meta roles is white listed, or visible to users assigned the system role. |
| 3 | Whitelist only content | Content for the specified SDK meta roles is white listed, or visible to users assigned the system role. |
| 4 | Blacklist meta and content | Meta and content for the specified SDK meta roles are black listed, or not visible to users assigned the system role. |
| 5 | Blacklist only meta | Meta for the specified SDK meta roles is black listed, or not visible to users assigned the system role. |
| 6 | Blacklist only content | Content for the specified SDK meta roles is black listed, or not visible to users assigned the system role. |