Availabilities
What are Availabilities?
Availabilities are used in Common Fate to inform the policy engine what role to be attached to a set of resources identified by a selector. Avilabilities reference a Selector which determines which targets should be available for what role.
Creating an Availability
There are availabilities for each of the supported resources in Common Fate.
Below is an example of a GCP Availability:
This Availability tells Common Fate to handle any project resource selected by selector “sel_123” to be accessed with the “roles/owner” with the access workflow “wrk_123”.
This is the configuration aspect of access completed. The next component is creating the rules of who can access what resources based on actions. For this we use Cedar Policies
The role_priority
field can be used customize which role is suggested to end users in the UI. Consider the following scenerio:
When availabilities are created from these availability specs, roles/viewer
will be used as the suggested role for availability made by these availability specs.