29 KiB
29 KiB
Horde > Deployment > Server > Server.json
Server.json
All Horde-specific settings are stored in a root object called Horde. Other .NET functionality may be configured using properties in the root of this file.
| Name | Description |
|---|---|
runModes |
RunMode[]Modes that the server should run in. Runmodes can be used in a multi-server deployment to limit the operations that a particular instance will try to perform. |
dataDir |
stringOverride the data directory used by Horde. Defaults to C:\ProgramData\HordeServer on Windows, {AppDir}/Data on other platforms. |
installed |
booleanWhether the server is running in 'installed' mode. In this mode, on Windows, the default data directory will use the common application data folder (C:\ProgramData\Epic\Horde), and configuration data will be read from here and the registry. This setting is overridden to false for local builds from appsettings.Local.json. |
httpPort |
integerMain port for serving HTTP. |
httpsPort |
integerPort for serving HTTP with TLS enabled. Disabled by default. |
http2Port |
integerDedicated port for serving only HTTP/2. |
mongoConnectionString |
stringConnection string for the Mongo database |
databaseConnectionString |
stringMongoDB connection string |
mongoDatabaseName |
stringMongoDB database name |
databaseName |
string |
mongoPublicCertificate |
stringOptional certificate to trust in order to access the database (eg. AWS public cert for TLS) |
databasePublicCert |
string |
mongoReadOnlyMode |
booleanAccess the database in read-only mode (avoids creating indices or updating content) Useful for debugging a local instance of HordeServer against a production database. |
databaseReadOnlyMode |
boolean |
mongoMigrationsEnabled |
booleanWhether database schema migrations are enabled |
mongoMigrationsAutoUpgrade |
booleanWhether database schema should automatically be applied Only recommended for dev or test environments |
shutdownMemoryThreshold |
integerShutdown the current server process if memory usage reaches this threshold (specified in MB) Usually set to 80-90% of available memory to avoid CLR heap using all of it. If a memory leak was to occur, it's usually better to restart the process rather than to let the GC work harder and harder trying to recoup memory. Should only be used when multiple server processes are running behind a load balancer and one can be safely restarted automatically by the underlying process handler (Docker, Kubernetes, AWS ECS, Supervisor etc). The shutdown behaves similar to receiving a SIGTERM and will wait for outstanding requests to finish. |
serverPrivateCert |
stringOptional PFX certificate to use for encrypting agent SSL traffic. This can be a self-signed certificate, as long as it's trusted by agents. |
authMethod |
AuthMethod Type of authentication (e.g anonymous, OIDC, built-in Horde accounts) If "Horde" auth mode is used, be sure to configure "ServerUrl" as well. |
oidcProfileName |
stringOptional profile name to report through the /api/v1/server/auth endpoint. Allows sharing auth tokens between providers configured through the same profile name in OidcToken.exe config files. |
oidcAuthority |
stringOpenID Connect (OIDC) authority URL (required when OIDC is enabled) |
oidcAudience |
stringAudience for validating externally issued tokens (required when OIDC is enabled) |
oidcClientId |
stringClient ID for the OIDC authority (required when OIDC is enabled) |
oidcClientSecret |
stringClient secret for authenticating with the OIDC provider. Note: If you need authentication support in Unreal Build Tool or Unreal Game Sync, configure your OIDC client as a public client (using PKCE flow without a client secret) instead of a confidential client. These tools utilize the EpicGames.OIDC library which only supports public clients with authorization code flow + PKCE. |
oidcSigninRedirect |
stringOptional redirect url provided to OIDC login |
oidcLocalRedirectUrls |
string[]Optional redirect url provided to OIDC login for external tools (typically to a local server) Default value is the local web server started during signin by EpicGames.OIDC library |
oidcDebugMode |
booleanDebug mode for OIDC which logs reasons for why JWT tokens fail to authenticate Also turns off HTTPS requirement for OIDC metadata fetching. NOT FOR PRODUCTION USE! |
oidcRequestedScopes |
string[]OpenID Connect scopes to request when signing in |
oidcClaimNameMapping |
string[]List of fields in /userinfo endpoint to try map to the standard name claim (see System.Security.Claims.ClaimTypes.Name) |
oidcClaimEmailMapping |
string[]List of fields in /userinfo endpoint to try map to the standard email claim (see System.Security.Claims.ClaimTypes.Email) |
oidcClaimHordeUserMapping |
string[]List of fields in /userinfo endpoint to try map to the Horde user claim (see HordeClaimTypes.User) |
oidcClaimHordePerforceUserMapping |
string[]List of fields in /userinfo endpoint to try map to the Horde Perforce user claim (see HordeClaimTypes.PerforceUser) |
oidcApiRequestedScopes |
string[]API scopes to request when acquiring OIDC access tokens |
oidcAddDefaultScopesAndMappings |
booleanAdd common scopes and mappings to above OIDC config fields Provided as a workaround since .NET config will only merge array entries when combining multiple config sources. Due to this unwanted behavior, having hard-coded defaults makes such fields unchangeable. See https://github.com/dotnet/runtime/issues/36569 |
serverUrl |
stringBase URL this Horde server is accessible from For example https://horde.mystudio.com. If not set, a default is used based on current hostname. It's important this URL matches where users and agents access the server as it's used for signing auth tokens etc. Must be configured manually when running behind a reverse proxy or load balancer |
jwtIssuer |
stringName of the issuer in bearer tokens from the server |
jwtExpiryTimeHours |
integerLength of time before JWT tokens expire, in hours |
adminClaimType |
stringThe claim type for administrators |
adminClaimValue |
stringValue of the claim type for administrators |
corsEnabled |
booleanWhether to enable Cors, generally for development purposes |
corsOrigin |
stringAllowed Cors origin |
enableDebugEndpoints |
booleanWhether to enable debug/administrative REST API endpoints |
enableNewAgentsByDefault |
booleanWhether to automatically enable new agents by default. If false, new agents must manually be enabled before they can take on work. |
schedulePollingInterval |
stringInterval between rebuilding the schedule queue with a DB query. |
noResourceBackOffTime |
stringInterval between polling for new jobs |
initiateJobBackOffTime |
stringInterval between attempting to assign agents to take on jobs |
unknownErrorBackOffTime |
stringInterval between scheduling jobs when an unknown error occurs |
redisConnectionString |
stringConfig for connecting to Redis server(s). Setting it to null will disable Redis use and connection See format at https://stackexchange.github.io/StackExchange.Redis/Configuration.html |
redisConnectionConfig |
string |
redisReadOnlyMode |
booleanWhether to disable writes to Redis. |
logServiceWriteCacheType |
stringOverridden settings for storage backends. Useful for running against a production server with custom backends. |
logJsonToStdOut |
booleanWhether to log json to stdout |
logSessionRequests |
booleanWhether to log requests to the UpdateSession and QueryServerState RPC endpoints |
scheduleTimeZone |
stringTimezone for evaluating schedules |
dashboardUrl |
stringThe URl to use for generating links back to the dashboard. |
helpEmailAddress |
stringHelp email address that users can contact with issues |
helpSlackChannel |
stringHelp slack channel that users can use for issues |
globalThreadPoolMinSize |
integerSet the minimum size of the global thread pool This value has been found in need of tweaking to avoid timeouts with the Redis client during bursts of traffic. Default is 16 for .NET Core CLR. The correct value is dependent on the traffic the Horde Server is receiving. For Epic's internal deployment, this is set to 40. |
withDatadog |
booleanWhether to enable Datadog integration for tracing |
configPath |
stringPath to the root config file. Relative to the server.json file by default. |
forceConfigUpdateOnStartup |
booleanForces configuration data to be read and updated as part of appplication startup, rather than on a schedule. Useful when running locally. |
openBrowser |
booleanWhether to open a browser on startup |
featureFlags |
FeatureFlagSettings Experimental features to enable on the server. |
openTelemetry |
OpenTelemetrySettings Options for OpenTelemetry |
plugins |
ServerPluginsConfig Configuration for plugins |
RunMode (Enum)
Type of run mode this process should use. Each carry different types of workloads. More than one mode can be active. But not all modes are not guaranteed to be compatible with each other and will raise an error if combined in such a way.
| Name | Description |
|---|---|
None |
Default no-op value (ASP.NET config will default to this for enums that cannot be parsed) |
Server |
Handle and respond to incoming external requests, such as HTTP REST and gRPC calls. These requests are time-sensitive and short-lived, typically less than 5 secs. If processes handling requests are unavailable, it will be very visible for users. |
Worker |
Run non-request facing workloads. Such as background services, processing queues, running work based on timers etc. Short periods of downtime or high CPU usage due to bursts are fine for this mode. No user requests will be impacted directly. If auto-scaling is used, a much more aggressive policy can be applied (tighter process packing, higher avg CPU usage). |
AuthMethod (Enum)
Authentication method used for logging users in
| Name | Description |
|---|---|
Anonymous |
No authentication enabled. Only for demo and testing purposes. |
Okta |
OpenID Connect authentication, tailored for Okta |
OpenIdConnect |
Generic OpenID Connect authentication, recommended for most |
Horde |
Authenticate using username and password credentials stored in Horde OpenID Connect (OIDC) is first and foremost recommended. But if you have a small installation (less than ~10 users) or lacking an OIDC provider, this is an option. |
FeatureFlagSettings
Feature flags to aid rollout of new features. Once a feature is running in its intended state and is stable, the flag should be removed. A name and date of when the flag was created is noted next to it to help encourage this behavior. Try having them be just a flag, a boolean.
OpenTelemetrySettings
OpenTelemetry configuration for collection and sending of traces and metrics.
| Name | Description |
|---|---|
enabled |
booleanWhether OpenTelemetry exporting is enabled |
serviceName |
stringService name |
serviceNamespace |
stringService namespace |
serviceVersion |
stringService version |
enableDatadogCompatibility |
booleanWhether to enrich and format telemetry to fit presentation in Datadog |
attributes |
string -> stringExtra attributes to set |
enableConsoleExporter |
booleanWhether to enable the console exporter (for debugging purposes) |
protocolExporters |
string -> OpenTelemetryProtocolExporterSettingsProtocol exporters (key is a unique and arbitrary name) |
OpenTelemetryProtocolExporterSettings
Configuration for an OpenTelemetry exporter
| Name | Description |
|---|---|
endpoint |
stringEndpoint URL. Usually differs depending on protocol used. |
protocol |
stringProtocol for the exporter ('grpc' or 'httpprotobuf') |
ServerPluginsConfig
| Name | Description |
|---|---|
analytics |
AnalyticsServerConfig Configuration for the analytics plugin |
build |
BuildServerConfig Configuration for the build plugin |
compute |
ComputeServerConfig Configuration for the compute plugin |
ddc |
PluginServerConfig Configuration for the ddc plugin |
experimental |
ExperimentalServerConfig Configuration for the experimental plugin |
secrets |
PluginServerConfig Configuration for the secrets plugin |
storage |
StorageServerConfig Configuration for the storage plugin |
symbols |
PluginServerConfig Configuration for the symbols plugin |
tools |
ToolsServerConfig Configuration for the tools plugin |
AnalyticsServerConfig
Server configuration for the analytics system
| Name | Description |
|---|---|
sinks |
TelemetrySinkConfig Settings for the various telemetry sinks |
enabled |
booleanWhether the plugin should be enabled or not |
TelemetrySinkConfig
Telemetry sinks
| Name | Description |
|---|---|
epic |
EpicTelemetryConfig Settings for the Epic telemetry sink |
mongo |
MongoTelemetryConfig Settings for the MongoDB telemetry sink |
EpicTelemetryConfig
Configuration for the telemetry sink
| Name | Description |
|---|---|
url |
stringBase URL for the telemetry server |
appId |
stringApplication name to send in the event messages |
enabled |
booleanWhether to enable this sink |
MongoTelemetryConfig
Configuration for the telemetry sink
| Name | Description |
|---|---|
retainDays |
numberNumber of days worth of telmetry events to keep |
enabled |
booleanWhether to enable this sink |
BuildServerConfig
Static configuration for the build plugin
| Name | Description |
|---|---|
perforce |
PerforceConnectionSettings[]Perforce connections for use by the Horde server (not agents) |
useLocalPerforceEnv |
booleanWhether to use the local Perforce environment |
perforceConnectionPoolSize |
integerNumber of pooled perforce connections to keep |
enableConformTasks |
booleanWhether to enable the conform task source. |
p4SwarmUrl |
stringUrl of P4 Swarm installation |
robomergeUrl |
stringUrl of Robomergem installation |
commitsViewerUrl |
stringUrl of Commits Viewer |
jiraUsername |
stringThe Jira service account user name |
jiraApiToken |
stringThe Jira service account API token |
jiraUrl |
stringThe Uri for the Jira installation |
sharedDeviceCheckoutDays |
integerThe number of days shared device checkouts are held |
deviceProblemCooldownMinutes |
integerThe number of cooldown minutes for device problems |
deviceReportChannel |
stringChannel to send device reports to |
disableSchedules |
booleanWhether to run scheduled jobs. |
slackToken |
stringBot token for interacting with Slack (xoxb-*) |
slackSocketToken |
stringToken for opening a socket to slack (xapp-*) |
slackAdminToken |
stringAdmin user token for Slack (xoxp-*). This is only required when using the admin endpoints to invite users. |
slackUsers |
stringFiltered list of slack users to send notifications to. Should be Slack user ids, separated by commas. |
slackErrorPrefix |
stringPrefix to use when reporting errors |
slackWarningPrefix |
stringPrefix to use when reporting warnings |
configNotificationChannel |
stringChannel for sending messages related to config update failures |
updateStreamsNotificationChannel |
stringChannel to send stream notification update failures to |
jobNotificationChannel |
stringSlack channel to send job related notifications to. Multiple channels can be specified, separated by ; |
agentNotificationChannel |
stringSlack channel to send agent related notifications to. |
testDataRetainMonths |
integerThe number of months to retain test data |
blockCacheDir |
stringDirectory to store the fine-grained block cache. This caches individual exports embedded in bundles. |
blockCacheSize |
stringMaximum size of the block cache. Accepts standard binary suffixes. Currently only allocates in multiples of 1024mb. |
blockCacheSizeBytes |
integerAccessor for the block cache size in bytes |
commits |
CommitSettings Options for the commit service |
enabled |
booleanWhether the plugin should be enabled or not |
PerforceConnectionSettings
Perforce connection information for use by the Horde server (for reading config files, etc...)
| Name | Description |
|---|---|
id |
stringIdentifier for this server |
serverAndPort |
stringServer and port |
credentials |
PerforceCredentials Credentials for the server |
PerforceCredentials
Credentials for a Perforce user
| Name | Description |
|---|---|
userName |
stringThe username |
password |
stringPassword for the user |
ticket |
stringLogin ticket for the user (will be used instead of password if set) |
CommitSettings
Options for the commit service
| Name | Description |
|---|---|
replicateMetadata |
booleanWhether to mirror commit metadata to the database |
replicateContent |
booleanWhether to mirror commit data to storage |
bundle |
BundleOptions Options for how objects are packed together |
chunking |
ChunkingOptions Options for how objects are sliced |
BundleOptions
Options for configuring a bundle serializer
| Name | Description |
|---|---|
maxVersion |
BundleVersion Maximum version number of bundles to write |
maxBlobSize |
integerMaximum payload size fo a blob |
compressionFormat |
BundleCompressionFormat Compression format to use |
minCompressionPacketSize |
integerMinimum size of a block to be compressed |
maxWriteQueueLength |
integerMaximum amount of data to store in memory. This includes any background writes as well as bundles being built. |
BundleVersion (Enum)
Bundle version number
| Name | Description |
|---|---|
Initial |
Initial version number |
ExportAliases |
Added the BundleExport.Alias property |
RemoveAliases |
Back out change to include aliases. Will likely do this through an API rather than baked into the data. |
InPlace |
Use data structures which support in-place reading and writing. |
ImportHashes |
Add import hashes to imported nodes |
LatestV1 |
Last version using the V1 pipeline |
PacketSequence |
Structure bundles as a sequence of self-contained packets (uses V2 code) |
Latest |
The current version number |
LatestV2 |
Last version using the V2 pipeline |
LatestPlusOne |
Last item in the enum. Used for |
BundleCompressionFormat (Enum)
Indicates the compression format in the bundle
| Name | Description |
|---|---|
None |
Packets are uncompressed |
LZ4 |
LZ4 compression |
Gzip |
Gzip compression |
Oodle |
Oodle compression (Selkie) |
Brotli |
Brotli compression |
Zstd |
ZStandard compression |
ChunkingOptions
Options for creating file nodes
| Name | Description |
|---|---|
leafOptions |
LeafChunkedDataNodeOptions Options for creating leaf nodes |
interiorOptions |
InteriorChunkedDataNodeOptions Options for creating interior nodes |
LeafChunkedDataNodeOptions
Options for creating a specific type of file nodes
| Name | Description |
|---|---|
minSize |
integerMinimum chunk size |
maxSize |
integerMaximum chunk size. Chunks will be split on this boundary if another match is not found. |
targetSize |
integerTarget chunk size for content-slicing |
windowSize |
integerWindow size to use when scanning for split points |
threshold |
integerAccessor for the BuzHash chunking threshold |
InteriorChunkedDataNodeOptions
Options for creating interior nodes
| Name | Description |
|---|---|
minChildCount |
integerMinimum number of children in each node |
targetChildCount |
integerTarget number of children in each node |
maxChildCount |
integerMaximum number of children in each node |
sliceThreshold |
integerThreshold hash value for splitting interior nodes |
ComputeServerConfig
Static configuration for the compute plugin
| Name | Description |
|---|---|
enableUpgradeTasks |
booleanWhether to enable the upgrade task source, always upgrading agents to the latest version |
withAws |
booleanWhether to enable Amazon Web Services (AWS) specific features |
awsRegions |
string[]List of AWS regions for Horde to be aware of (e.g. us-east-1 or eu-central-1) Right now, this is only used for replicating CloudWatch metrics to multiple regions |
awsAutoScalingQueueUrls |
string[]AWS SQS queue URLs where lifecycle events from EC2 auto-scaling are received |
fleetManagerV2 |
FleetManagerType Default fleet manager to use (when not specified by pool) |
fleetManagerV2Config |
objectConfig for the fleet manager (serialized JSON) |
autoEnrollAgents |
booleanWhether to automatically enroll agents in the farm |
defaultAgentPoolSizeStrategy |
PoolSizeStrategy Default agent pool sizing strategy for pools that doesn't have one explicitly configured |
agentPoolScaleOutCooldownSeconds |
integerScale-out cooldown for auto-scaling agent pools (in seconds). Can be overridden by per-pool settings. |
agentPoolScaleInCooldownSeconds |
integerScale-in cooldown for auto-scaling agent pools (in seconds). Can be overridden by per-pool settings. |
computeTunnelPort |
integerPort to listen on for tunneling compute sockets to agents |
computeTunnelAddress |
stringWhat address (host:port) clients should connect to for compute socket tunneling Port may differ from if Horde server is behind a reverse proxy/firewall |
enabled |
booleanWhether the plugin should be enabled or not |
FleetManagerType (Enum)
Available fleet managers
| Name | Description |
|---|---|
Default |
Default fleet manager |
NoOp |
No-op fleet manager. |
Aws |
Fleet manager for handling AWS EC2 instances. Will create and/or terminate instances from scratch. |
AwsReuse |
Fleet manager for handling AWS EC2 instances. Will start already existing but stopped instances to reuse existing EBS disks. |
AwsRecycle |
Fleet manager for handling AWS EC2 instances. Will start already existing but stopped instances to reuse existing EBS disks. |
AwsAsg |
Fleet manager for handling AWS EC2 instances. Uses an EC2 auto-scaling group for controlling the number of running instances. |
PoolSizeStrategy (Enum)
Available pool sizing strategies
| Name | Description |
|---|---|
LeaseUtilization |
Strategy based on lease utilization |
JobQueue |
Strategy based on size of job build queue |
NoOp |
No-op strategy used as fallback/default behavior |
ComputeQueueAwsMetric |
A no-op strategy that reports metrics to let an external AWS auto-scaling policy scale the fleet |
LeaseUtilizationAwsMetric |
A no-op strategy that reports metrics to let an external AWS auto-scaling policy scale the fleet |
PluginServerConfig
Base class for plugin server config objects
| Name | Description |
|---|---|
enabled |
booleanWhether the plugin should be enabled or not |
ExperimentalServerConfig
Server configuration for the experimental plugin
| Name | Description |
|---|---|
enabled |
booleanWhether the plugin should be enabled or not |
StorageServerConfig
Static settings for the storage system
| Name | Description |
|---|---|
bundleCacheDir |
stringDirectory to use for the coarse-grained backend cache. This caches full bundles downloaded from the upstream object store. |
bundleCacheSize |
stringMaximum size of the storage cache on disk. Accepts standard binary suffixes (kb, mb, gb, tb, etc...) |
bundleCacheSizeBytes |
integerAccessor for the bundle cache size in bytes |
backends |
BackendConfig[]Overridden settings for storage backends. Useful for running against a production server with custom backends. |
enabled |
booleanWhether the plugin should be enabled or not |
BackendConfig
Common settings object for different providers
| Name | Description |
|---|---|
id |
stringThe storage backend ID |
base |
stringBase backend to copy default settings from |
secondary |
stringSpecifies another backend to read from if an object is not found in this one. Can be used when migrating data from one backend to another. |
type |
StorageBackendType |
baseDir |
string |
awsBucketName |
stringName of the bucket to use |
awsBucketPath |
stringBase path within the bucket |
awsCredentials |
AwsCredentialsType Type of credentials to use |
awsRole |
stringARN of a role to assume |
awsProfile |
stringThe AWS profile to read credentials form |
awsRegion |
stringRegion to connect to |
azureConnectionString |
stringConnection string for Azure |
azureContainerName |
stringName of the container |
relayServer |
string |
relayToken |
string |
gcsBucketName |
stringName of the GCS bucket to use |
gcsBucketPath |
stringBase path within the bucket |
StorageBackendType (Enum)
Types of storage backend to use
| Name | Description |
|---|---|
FileSystem |
Local filesystem |
Aws |
AWS S3 |
Azure |
Azure blob store |
Gcs |
Google Cloud Storage |
Memory |
In-memory only (for testing) |
AwsCredentialsType (Enum)
Credentials to use for AWS
| Name | Description |
|---|---|
Default |
Use default credentials from the AWS SDK |
Profile |
Read credentials from the profile in the AWS config file |
AssumeRole |
Assume a particular role. Should specify ARN in |
AssumeRoleWebIdentity |
Assume a particular role using the current environment variables. |
ToolsServerConfig
Server configuration for bundled tools
| Name | Description |
|---|---|
bundledTools |
BundledToolConfig[]Tools bundled along with the server. Data for each tool can be produced using the 'bundle create' command, and should be stored in the Tools directory. |
enabled |
booleanWhether the plugin should be enabled or not |
BundledToolConfig
Configuration for a tool bundled alongsize the server
| Name | Description |
|---|---|
version |
stringVersion string for the current tool data |
refName |
stringRef name in the tools directory |
dataDir |
stringDirectory containing blob data for this tool. If empty, the tools/{id} folder next to the server will be used. |
id |
stringUnique identifier for the tool |
name |
stringName of the tool |
description |
stringDescription for the tool |
category |
stringCategory for the tool. Will cause the tool to be shown in a different tab in the dashboard. |
group |
stringGrouping key for different variations of the same tool. The dashboard will show these together. |
platforms |
string[]Platforms for this tool. Takes the form of a NET RID (https://learn.microsoft.com/en-us/dotnet/core/rid-catalog). |
public |
booleanWhether this tool should be exposed for download on a public endpoint without authentication |
showInUgs |
booleanWhether to show this tool for download in the UGS tools menu |
showInDashboard |
booleanWhether to show this tool for download in the dashboard |
showInToolbox |
booleanWhether to show this tool for download in Unreal Toolbox |
metadata |
string -> stringMetadata for this tool |
namespaceId |
stringDefault namespace for new deployments of this tool |
acl |
AclConfig Permissions for the tool |
AclConfig
Parameters to update an ACL
| Name | Description |
|---|---|
entries |
AclEntryConfig[]Entries to replace the existing ACL |
profiles |
AclProfileConfig[]Defines profiles which allow grouping sets of actions into named collections |
inherit |
booleanWhether to inherit permissions from the parent ACL |
exceptions |
string[]List of exceptions to the inherited setting |
AclEntryConfig
Individual entry in an ACL
| Name | Description |
|---|---|
claim |
AclClaimConfig Name of the user or group |
actions |
string[]Array of actions to allow |
profiles |
string[]List of profiles to grant |
AclClaimConfig
New claim to create
| Name | Description |
|---|---|
type |
stringThe claim type |
value |
stringThe claim value |
AclProfileConfig
Configuration for an ACL profile. This defines a preset group of actions which can be given to a user via an ACL entry.
| Name | Description |
|---|---|
id |
stringIdentifier for this profile |
actions |
string[]Actions to include |
excludeActions |
string[]Actions to exclude from the inherited actions |
extends |
string[]Other profiles to extend from |