type: object
properties:
  id:
    type: string
    description: Policy id
    example: "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde"
  name:
    type: string
    description: Policy Business Name
    example: "policy-xyz"
  created:
    type: string
    format: date-time
    description: The time when this SOD policy is created.
    example: "2020-01-01T00:00:00.000000Z"
  modified:
    type: string
    format: date-time
    description: The time when this SOD policy is modified.
    example: "2020-01-01T00:00:00.000000Z"
  description:
    type: string
    description: Optional description of the SOD policy
    example: "This policy ensures compliance of xyz"
  ownerRef:
    $ref: '../../v3/schemas/BaseReferenceDto.yaml'
  externalPolicyReference:
    type: string
    description: Optional External Policy Reference
    example: "XYZ policy"
  policyQuery:
    type: string
    description: Search query of the SOD policy
    example: "@access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdg) AND @access(id:0f11f2a4-7c94-4bf3-a2bd-742580fe3bdf)"
  compensatingControls:
    type: string
    description: Optional compensating controls(Mitigating Controls)
    example: "Have a manager review the transaction decisions for their \"out of compliance\" employee"
  correctionAdvice:
    type: string
    description: Optional correction advice
    example: "Based on the role of the employee, managers should remove access that is not required for their job function."
  state:
    type: string
    description: whether the policy is enforced or not
    enum:
      - ENFORCED
      - NOT_ENFORCED
    example: ENFORCED
  tags:
    type: array
    description: tags for this policy object
    example: ["TAG1", "TAG2"]
    items:
      type: string
  creatorId:
    type: string
    description: Policy's creator ID
    example: "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde"
  modifierId:
    type: string
    description: Policy's modifier ID
    example: "0f11f2a4-7c94-4bf3-a2bd-742580fe3bde"
    nullable : true
  violationOwnerAssignmentConfig:
    $ref: './ViolationOwnerAssignmentConfig.yaml'
    nullable: true
  scheduled:
    type: boolean
    description: defines whether a policy has been scheduled or not
    example: true
  type:
    type: string
    description: whether a policy is query based or conflicting access based
    default: GENERAL
    enum:
      - GENERAL
      - CONFLICTING_ACCESS_BASED
    example: GENERAL
  conflictingAccessCriteria:
    $ref: './ConflictingAccessCriteria.yaml'
    nullable: true