{
  "subject_scopes": {
    "role": [
      "admin",
      "dev"
    ],
    "subject_security_level": [
      "high",
      "medium",
      "low"
    ],
    "domain": [
      "ft",
      "xx"
    ]
  },

  "action_scopes": {
    "resource_action": [
      "vm_admin",
      "vm_access",
      "storage_admin",
      "storage_access"
    ],
    "access": [
      "write",
      "read"
    ]
  },

  "object_scopes": {
    "object_security_level": [
      "high",
      "medium",
      "low"
      ],
    "type": [
      "computing",
      "storage"
    ],
    "object_id": [
      "servers",
      "vm1",
      "vm2",
      "file1",
      "file2"
    ]
  }
}