API Management 10.4 | Using CentraSite | Runtime Governance | Run-Time Policy Management | Managing Run-Time Policies through CentraSite Business UI | Scope of a Run-Time Policy | System-wide and Organization-specific Policy Enforcement
 
System-wide and Organization-specific Policy Enforcement
The Organization property specifies the organization to which the policy applies. When the Organization property is set to All, it indicates that the policy is system-wide. When the Organization property specifies a particular organization, it indicates that the policy is organization-specific.
Note: By default, run-time aspects configured from CentraSite are disabled. However, you can enable them if required. To enable theCentraSite run-time aspects, see Enabling CentraSite Run-Time Aspects. This section is not applicable, if the CentraSiterun-time aspects are not enabled.
Organization-specific Policies
An organization-specific policy is enforced on objects that belong to the same organization as the organization to which the policy applies. For example, if you have a policy that executes when user objects are updated and its Organization property specifies organization ABC, CentraSite only execute that policy when user objects in organization ABC are updated.
Points to keep in mind when working with organization-specific policies:
*You can create organization-specific policies for any organization on which you have Manage Design/Change-Time Policies permission. For example, if have you Manage Design/Change-Time Policies permission for organization ABC and XYZ, you can create organization-specific policies for either organization.
*At enforcement time, CentraSite selects policies based on the organization to which the object belongs, not the organization to which the requestor belongs. For example, if a user from organization XYZ edits an asset in organization ABC, CentraSite applies organization ABC's policies (the organization to which the asset belongs), not organization XYZ's policies (the organization to which the requestor belongs).
System-wide Policies
A system-wide policy is enforced for all organizations. For example, if you create a system-wide policy that executes when an asset is created, CentraSite enforces the policy whenever any user in any organization adds an asset to the catalog.
To create a system-wide policy, you must belong to a role that has Manage System-Wide Design/Change-Time Policies permission. In a standard CentraSite configuration, only users in the CentraSite Administrator role and the Policy Administrator role have this permission.
System-wide policies are useful for managing many types of objects. For example, they are often used to assign users to certain server-wide groups or to enforce server-wide naming conventions on objects. However, organization-specific policies are often better choices for asset-related policies, because they enable an organization to tailor its policies to its own development processes and methodologies.

Copyright © 2015- 2019 | Software AG, Darmstadt, Germany and/or Software AG USA, Inc., Reston, VA, USA, and/or its subsidiaries and/or its affiliates and/or their licensors.
Innovation Release