{
    "$schema": "http://json-schema.org/draft-07/schema#",
    "$id": "#AccessPolicy",
    "description": "A policy for access control assigned to a Host, Role, User, UserGroup, or Service.",
    "type": "object",
    "allOf": [
        {
            "$ref": "#Entity"
        },
        {
            "properties": {
                "admin": {
                    "description": "Indicates if the policy grants administrative privilege.",
                    "type": "boolean"
                },
                "rules": {
                    "description": "Rules of this policy. Each rule is written 'as-code' that can be operationalized with a control provider or within JupiterOne's rules engine.",
                    "type": "array",
                    "items": {
                        "type": "string"
                    }
                },
                "content": {
                    "description": "Content of a policy contains the raw policy rules, if applicable. For example, the JSON text of an AWS IAM Policy. This is stored in raw data.",
                    "type": "string"
                }
            },
            "required": []
        }
    ]
}