When you start creating multiple apps, either as an individual app creator or as a member of a team, there are typically constraints and guidelines that should be applied to every app created. App governance policies are the means by which to express these constraints and guidelines.
The typical reasons to set up app policies are:
- Design consistency
- Corporate compliance
Manage policies as described in the following sections:
- What is a policy?
- Who can add policies?
- Predefined policy templates
- Add a predefined policy
- Add a custom policy
- Edit a policy
- Delete a policy
What is a policy?
A policy is a rule that limits how AppSheet apps are created, managed, and distributed. In plain English, policies look like this:
- Every app must require users to sign in.
- Data cannot be deleted though an AppSheet app.
- Only certain people can mark apps as deployed.
- Apps can only be shared to a specific email domain.
Each policy has three important components:
- Condition: a constraint that is checked on each app.
- Severity: Error, warning, or info. This tells the platform how to handle the condition if not satisfied.
- Stage: When should the policy be checked? The most common choice is to choose the Deployment Check phase.
There are also some other options, including descriptive messages.
Who can add policies?
- Any individual AppSheet user account has permission to add individual policies.
- Team admins or ROOT accounts can create and manage team policies.
Suggestions:
- When you add a policy, start by defining a lower severity level (such as Warning), so you don't immediately block users that may already be out of compliance. This is important if you want to preserve the availability of the apps they created.
- Experiment with the predefined policies. If you want to define a policy that is not predefined, try using the custom policies. Contact AppSheet Support if you need assistance.
Predefined policy templates
You can create policies on almost every aspect of the app creation, management, and distribution of AppSheet apps. The following predefined templates can be used to get started quickly, or you can define more complex policies through custom policies.
Predefined policy template |
Description |
Require sign-in |
Apps must require user sign-in |
Run-as app creator |
Apps cannot be run by the app user |
Prevent row delete |
Apps cannot delete data |
Restrict data source attachable to apps |
Apps can access only specific data sources |
Restrict providers attachable to apps |
Apps can access only specific providers |
Acceptable image resolution |
Apps require a minimum resolution for captured images |
Must sync-on-start |
Apps must refresh their data each time they start |
Enable offline use |
Apps must be configured to run offline |
Restrict Prototype Authentication |
Apps must:
By default, this policy applies to prototype apps; you can change the targeted apps to all or deployed apps. Note: It is required that you use this policy with Restrict Prototype Sharing to fully limit prototype access. See Restrict prototype sharing of apps. |
Restrict who can deploy apps |
Apps can be deployed only by specific app creators |
Apps must have documentation |
Apps must include documentation; see App documentation on the About page |
Only users from specific domain |
Only users from a specific domain can access the app |
Enforce FedRAMP compliance |
Apps are FedRAMP compliant |
Restrict Prototype Sharing |
Apps must:
See also: Share: The Essentials By default, this policy applies to prototype apps; you can change the targeted apps to all or deployed apps. Note: It is required that you use this policy with Restrict Prototype Authentication to fully limit prototype access. See Restrict prototype sharing of apps. |
Add a predefined policy
To add a predefined policy:
- Select My account > Policies.
- Click + Account Policy or + Team Policy to add an account-specific or team policy, respectively.
- Select a predefined policy template from the Policy Template drop-down.
- Click Next.
- Configure the policy.
Field |
Description |
Name |
Name of the policy that will appear on the Policies page. |
Condition |
Constraint that is checked on each app. For the predefined templates, the condition is defined. For example, the Require sign-in policy has the condition: Modify the condition expression, if required. Note: The syntax for conditions is identical to the expression syntax used in the rest of AppSheet. |
Severity |
Flag that specifies how to handle the condition if not satisfied. Valid values are Error or Warning. |
Target |
Apps that are targeted by the policy. Valid values include All Apps, Prototype Apps, or Deployed Apps. |
Stage |
Stage that the policy should be checked. Valid values include Check on App Edit or Check on Deployment (most common). Note: Do not set this value to Check on Deployment if Target is set to Deployed Apps. |
Description |
Description of the policy that will appear on the Policies page. |
Success Message |
Message to be displayed if policy is successfully adhered to. |
Failure Message |
Message to be displayed if the policy is violated. |
- Click Save.
Add a custom policy
The custom policy template lets you create a rule based on a specific component of the AppSheet service.
To create a custom policy:
- Select My account > Policies.
- Click + Account Policy or + Team Policy to add an account-specific or team policy, respectively.
- Select Custom policy from the Policy Template drop-down.
- Click Next.
- Configure the policy.
Field |
Description |
Name |
Name of the policy that will appear on the Policies page. |
Component |
Select the AppSheet component impacted by the custom policy. Almost every aspect of the app definition can be governed by policies. |
Condition |
Define the condition expression. Note: The syntax for conditions is identical to the expression syntax used in the rest of AppSheet. |
Severity |
Flag that specifies how to handle the condition if not satisfied. Valid values include:
|
Stage |
Stage that the policy should be checked. Valid values include App editing or Deployment Check. |
Description |
Description of the policy that will appear on the Policies page. |
Success Message |
Message to be displayed if policy is successfully adhered to. |
Failure Message |
Message to be displayed if the policy is violated. |
- Click Save.
Edit a policy
To edit a policy:
- Select My account > Policies.
- Click the policy that you want to delete.
The Define an App Policy dialog displays. - Edit the policy as desired.
- Click Save.
Delete a policy
To delete a policy:
- Select My account > Policies.
- Click the policy that you want to delete.
The Define an App Policy dialog displays. - Click Delete.