diff --git a/README.md b/README.md index b70e287..6daa141 100644 --- a/README.md +++ b/README.md @@ -349,11 +349,12 @@ This object _MAY_ be extended with [Specification Extensions](#specification-ext The fields are dependent on the defined type. -| Field | Type | Description | -|-------------|----------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| type | `string` | REQUIRED. The type of the data product technology that implements the data contract. Well-known server types are: `bigquery`, `s3`, `glue`, `redshift`, `azure`, `sqlserver`, `snowflake`, `databricks`, `postgres`, `oracle`, `kafka`, `pubsub`, `sftp`, `kinesis`, `trino`, `local` | -| description | `string` | An optional string describing the server. | -| environment | `string` | An optional string describing the environment, e.g., prod, sit, stg. | +| Field | Type | Description | +|-------------|-------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| type | `string` | REQUIRED. The type of the data product technology that implements the data contract. Well-known server types are: `bigquery`, `s3`, `glue`, `redshift`, `azure`, `sqlserver`, `snowflake`, `databricks`, `postgres`, `oracle`, `kafka`, `pubsub`, `sftp`, `kinesis`, `trino`, `local` | +| description | `string` | An optional string describing the server. | +| environment | `string` | An optional string describing the environment, e.g., prod, sit, stg. | +| roles | Array of `Server Role Object` | An optional array of roles that are available and can be requested to access the server for role-based access control. E.g. separate roles for different regions or sensitive data. | This object _MAY_ be extended with [Specification Extensions](#specification-extensions). @@ -530,6 +531,13 @@ servers: | path | `string` | The relative or absolute path to the data file(s), such as `./folder/data.parquet`. | | format | `string` | The format of the file(s), such as `parquet`, `delta`, `csv`, or `json`. | +#### Server Role Object + +| Field | Type | Description | +|-------------|----------|--------------------------------------------------------------| +| name | `string` | Name of the role | +| description | `string` | A description of the role and what access the role provides. | + ### Terms Object The terms and conditions of the data contract. diff --git a/datacontract.schema.json b/datacontract.schema.json index 5c35fbf..e9d8689 100644 --- a/datacontract.schema.json +++ b/datacontract.schema.json @@ -1143,6 +1143,26 @@ "trino", "local" ] + }, + "roles": { + "description": " An optional array of roles that are available and can be requested to access the server for role-based access control. E.g. separate roles for different regions or sensitive data.", + "type": "array", + "items": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the role." + }, + "description": { + "type": "string", + "description": "A description of the role and what access the role provides." + } + }, + "required": [ + "name" + ] + } } }, "additionalProperties": true,