Administrators can define policies, which include a set of configurations. Policies are defined on devices to monitor the information gathered and trigger events based on the data gathered or inform the user of a certain situation. Let's take a look at adding policies to a virtual fire alarm, where the bulb in the fire alarm will switch on if the sensor on the device reports a room temperature higher than 50 degrees Celsius.
The default user will not be able to create a policy unless the required permission are assigned to the role that the user is assigned to. For more information on updating permissions, see Updating Role Permissions.
Follow the instructions given below to add a policy to the virtual fire alarm:
- Sign into the Device Management console.
- Click Add under POLICIES to add a new policy.
- Select the virtual fire alarm device platform.
Configure the profile and click CONTINUE.
You can configure the profile by passing a set of strings to the device. Take a look at the examples given below on how the Siddhi Query Language (SiddhiQL) is used configure the profile.
Exampledefine stream fireAlarmEventStream (temp int); from fireAlarmEventStream#window.time(30 sec) select max(temp) as maxValue insert into analyzeStream for expired-events; from analyzeStream[maxValue < 50] select maxValue insert into bulbOnStream; from fireAlarmEventStream[temp > 50] select temp insert into bulbOffStream;
- Assign the configured profile to the preferred user groups.
- Assign the policy to user roles or users:
Assigning user role/s.
Select the set user role/s option.
Select the preferred role from the item list.
The items that are listed here, are the roles that were added when managing roles through the WSO2 IoTS device management console.
For more information, see managing roles.
- Assigning user/s.
- Select the set user/s option.
- Enter the characters of the username/s you wish to add, and the system will prompt the users having the names with the characters you entered. You can select the users from the item list.
Select the action that has to be carried out when a device has not complied with a policy.
In the context of WSO2 IoTS, the following actions are referred to as non-compliance rules. Further, the policies are monitored via the non-compliance rules.
Non-compliance
rulesDescription Enforce Forcefully enforce the policies on the assigned groups. Warning If the assigned groups do not adhere to the given policies a warning message will be sent.
Monitor If the assigned groups do not adhere to the given policies the server is notified of the violation unknown to the user and the administrator can take the necessary actions with regard to the reported. - Click SAVE.
Define a name for the configured profile of policies and a description.
Set a Name to your Policy is a mandatory field.
Click Save to SAVE the configured profile or click SAVE & PUBLISH to save and publish the configured profile as an active policy to the database.
If you SAVE the configured profile it will be in the inactive state. Therefore, the policy will not be taken into account when the IoT Server filters policies, to enforce a suitable policy on a device that registers with WSO2 IoTS.
If you SAVE & PUBLISH the configured profile of policies it will be in the active state. The active policies will be enforced on new devices that enroll with WSO2 IoTS based on the Policy enforcement criteria. If you want to push this policy to the existing devices and want this policy to be applied to the devices, click Apply changes. Then the newly added policy will be a candidate in the policy selection pool based on the policy Enforcement criteria.