Policy
Overview
Refer to the policy concepts page.
Creating a Policy
Refer to the Create a Policy guide for additional details.
Resource Permissions
Each resource has a set of permissions that can be assigned to a policy.
Expand the dropdown below and click on a resource to view their assignable permissions.
Resources
Resources
After clicking on a link, expand the Examples dropdown to view the list.
Built-in Policies
Each org has the following built-in policies for each resource (agent, GVC, etc.):
| Policy Name | Description | Target | Permission | Group | Service Account |
|---|---|---|---|---|---|
| superusers-RESOURCE | Built-in policy granting full access to the superusers group | All Items | manage | superusers | controlplane |
| viewers-RESOURCE | Built-in policy granting read-only access to the viewers group | All Items | view | viewers | none |
Permissions
The permissions below are used to define policies together with one or more of the four principal types:
| Permission | Description | Implies |
|---|---|---|
| create | Create new policies | |
| delete | Delete existing policies | |
| edit | Modify existing policies | view |
| manage | Full access | create, delete, edit, manage, view |
| view | Read-only view |
Access Report
Displays the permissions granted to principals for the policy.
CLI
To view the CLI documentation for policies, click here.
Policy
Overview
Refer to the policy concepts page.
Creating a Policy
Refer to the Create a Policy guide for additional details.
Resource Permissions
Each resource has a set of permissions that can be assigned to a policy.
Expand the dropdown below and click on a resource to view their assignable permissions.
Resources
Resources
After clicking on a link, expand the Examples dropdown to view the list.
Built-in Policies
Each org has the following built-in policies for each resource (agent, GVC, etc.):
| Policy Name | Description | Target | Permission | Group | Service Account |
|---|---|---|---|---|---|
| superusers-RESOURCE | Built-in policy granting full access to the superusers group | All Items | manage | superusers | controlplane |
| viewers-RESOURCE | Built-in policy granting read-only access to the viewers group | All Items | view | viewers | none |
Permissions
The permissions below are used to define policies together with one or more of the four principal types:
| Permission | Description | Implies |
|---|---|---|
| create | Create new policies | |
| delete | Delete existing policies | |
| edit | Modify existing policies | view |
| manage | Full access | create, delete, edit, manage, view |
| view | Read-only view |
Access Report
Displays the permissions granted to principals for the policy.
CLI
To view the CLI documentation for policies, click here.