Refer to the policy concepts page.

Creating a Policy

Refer to the Create a Policy guide for additional details.

Resource Permissions

Each resource has a set of permissions that can be assigned to a policy.

Expand the dropdown below and click on a resource to view their assignable permissions.


After clicking on a link, expand the Examples dropdown to view the list.

Built-in Policies

Each org has the following built-in policies for each resource (agent, GVC, etc.):

Policy NameDescriptionTargetPermissionGroupService Account
superusers-RESOURCEBuilt-in policy granting full access to the superusers groupAll Itemsmanagesuperuserscontrolplane
viewers-RESOURCEBuilt-in policy granting read-only access to the viewers groupAll Itemsviewviewersnone


The permissions below are used to define policies together with one or more of the four principal types:

createCreate new policies
deleteDelete existing policies
editModify existing policiesview
manageFull accesscreate, delete, edit, manage, view
viewRead-only view

Access Report

Displays the permissions granted to principals for the policy.


To view the CLI documentation for policies, click here.


To view the schema documentation for policies, click here.

Copyright © 2024 Control Plane Corporation. All rights reserved. Revision ba5c0f81