Rules are defined in the Rule Builder window of the Policy Builder:
Figure 2-1 Rule Builder Window of the Policy Builder
The Rule Builder interface enables you to quickly create and modify rules using intelligent drop-down menus.
In the Rule Builder, you define a set of conditions that must be met before a defined action occurs.
For example, if you needed to create a rule that disallowed any new objects from being added to your environment, you might define this rule to indicate that when an add operation occurs, veto the operation.
To implement this logic in the Rule Builder, you could select the following condition:
Figure 2-2 Move User Condition in the Rule Builder Interface
And the following action:
Figure 2-3 Veto Action in the Rule Builder Interface
To create more complex conditions, you can join conditions and groups of conditions together with and/or statements. You can modify the way these are joined by selecting the condition structure:
Figure 2-4 Condition Structure Radio Buttons
Click the icon to see a list of values for a field. In the example above, this icon opens a list of valid class names.
Click the icon to use the Argument Builder interface to construct an argument.
Click the icon to disable a policy, rule, condition, or action. Click the icon to re-enable it.
Click the icon to disable tracing on the policy. Click the icon to re-enable tracing of the policy.
Click the icon to add a comment to a policy or rule. Comments are stored directly on the policy or rule, and can be as long as necessary.
Use the Cut/Copy/Paste icons to use the Policy Builder clipboard. The Paste icon is disabled if the current content on the clipboard is invalid at that location.
Use the icons to add, remove, and position conditions.
Use the button to add condition groups.
Use the icons to remove and position condition groups.