| FIELD | DESCRIPTION | TYPE | DEFAULT VALUE(S) | ALLOWED VALUE(S) |
|---|---|---|---|---|
| enabled | describes whether this part of the policy should be enforced or not | Boolean | true | true, false |
| compensatingControl | describes whether there’s another mechanism in place [elsewhere] to handle access controls | Boolean | false | true,false |
| supportedDatabases | native database support in _spartan | String Array | [“mongodb”,“firebase”,“postgres”] | [“mongodb”,“firebase”,“postgres”] |
| config | database configrations | |||
| disableJsExecution | disallowin execution of javascript inside the database | Boolean | true | true,false |
| globalOperatorsDisabled | disable use of global operators $where, $group, $map fetching data | Boolean | true | true,false |
| encryptBeforeStore | force data encryption before storage | Boolean | true | true, false |
| dataClassification | describes how data is treated based upon its exposure | JSON Array | [{“tag”: “public”,“decayRate”: “never”}, {“tag”: “internal”,“decayRate”: 180}, {“tag”: “confidential”,“decayRate”: 90},{“tag”: “private”,“decayRate”: 30}] | Any JSON Array with keys => “tag” (classification name) and “decayRate” (how long in days the data will be kept in the database before being automatically, permanently deleted*) or null |
* You’ll ABSOULTELY want to adjust the decayRate values to match your own data retention policy. If you don’t have one, you should set the dataClassification value to null