Content sharing policies control what items and actions are available in the Service Broker catalog for users and user groups. If you have catalog items that require additional governance, you can apply content sharing policies to those items.

You share content at the project level where all users and user groups that are associated with a project can be granted access to specific catalog items. When you add a content source or a catalog item to a content sharing policy, you allow the users specified in the policy to request the items in the Service Broker catalog.

How are content sharing policies enforced?
  • You can create content sharing policies per project, and then provide additional governance at the content source or at the catalog item level for all content that is associated with a specific project.
  • You can share content with users and user groups that are associated with a specific project.
  • Multiple content sharing policies can be created per project.
  • During cloud upgrade, all of your shared content is migrated. A content sharing policy is automatically created for every project with entitlements that were added through the Content Sharing tab.
Content sharing policy constraints:
  • Users who are not members of the project, specified in the policy scope, can still be added to the content sharing policy when the policy is created through an API request. Such users, however, still don't have access to the catalog items associated with the project. You can limit the policy scope to adding users who belong to the selected project.

In this use case, there are three policy definitions that illustrate how you can construct content sharing policies and the results when they are enforced.

Procedure

  1. Select Content and Policies > Policies > Definitions > New Policy > Content Sharing Policy.
  2. Configure Content Sharing Policy 1.
    As an administrator, you want to grant two new users in your project access to all cloud templates that are associated with the project.
    1. Select a project to which to apply the policy.
      Setting Sample Value
      Scope Project1

      This policy is applied to content associated with this project.

    2. Select what content you want to share with members of the project.
      Setting Sample Value
      Content sharing Click Add Items > Content Sources , then select the cs-project1 content source to share with users.

      In this scenario, cs-project1 contains four cloud templates.

    3. Select the users you want to share the content with.
      Setting Sample Value
      Users Click Add Users and enter the emails of the two new users.

      User1@company.com, User2@company.com

      You can only select users who are associated with the scoped project.

      In this scenario, all four cloud templates associated with the content source you specified become available for User 1 and User 2.
  3. Configure Content Sharing Policy 2.
    You want to grant all users in your project access to a new cloud template.
    1. Select a project to which to apply the policy.
      Setting Sample Value
      Scope Project2
    2. Select the content that you want to share with members of the project.
      Setting Sample Value
      Content sharing Click Add Items > All Content, then select an individual cloud template to share with users.
    3. Select the users you want to share the content with.
      Setting Sample Value
      Users Select the Share content with all users/groups in the project check box.
      In this scenario, the cloud template becomes available to all users and user groups in Project 2.
  4. Configure Content Sharing Policy 3.
    You want to grant a developer access to multiple content sources.
    1. Select a project to which to apply the policy.
      Setting Sample Value
      Scope Project3
    2. Select the content that you want to share with members of the project.
      Setting Sample Value
      Content sharing Click Add Items > Content Sources , then select the content sources you want to share with the group.

      cs-project3, cs-project4

    3. Select the users you want to share the content with.
      Setting Sample Value
      Users Click Add Groups and enter the user group that you want to share the content with.

      devgroup@company.com

      You can only select user groups who are associated with the scoped project.

      In this scenario, all content from the selected content sources becomes available to users from the developer group.

What to do next