2.3 Defining Individual Rules within a Policy

Rules are defined in the Rule Builder window of the Policy Builder:

Figure 2-1 Rule Builder Window of the Policy Builder

The Rule Builder interface enables you to quickly create and modify rules using intelligent drop-down menus.

In the Rule Builder, you define a set of conditions that must be met before a defined action occurs.

For example, if you needed to create a rule that disallowed any new objects from being added to your environment, you might define this rule to indicate that when an add operation occurs, veto the operation.

To implement this logic in the Rule Builder, you could select the following condition:

Figure 2-2 Move User Condition in the Rule Builder Interface

And the following action:

Figure 2-3 Veto Action in the Rule Builder Interface

See Section 9.0, Conditions and Section 10.0, Actions for a detailed reference on the conditions and actions available in the Rule Builder.


To create more complex conditions, you can join conditions and groups of conditions together with and/or statements. You can modify the way these are joined by selecting the condition structure:

Figure 2-4 Condition Structure Radio Buttons