Refer to the policy concepts page.

Creating a Policy

Refer to the Create a Policy guide for additional details.

Resource Permissions

Each resource has a set of permissions that can be assigned to a policy.

Expand the dropdown below and click on a resource to view their assignable permissions.


After clicking on a link, expand the Examples dropdown to view the list.

Built-in Policies

Each org has the following built-in policies for each resource (agent, GVC, etc.):

Policy NameDescriptionTargetPermissionGroupService Account
superusers-RESOURCEBuilt-in policy granting full access to the superusers groupAll Itemsmanagesuperuserscontrolplane
viewers-RESOURCEBuilt-in policy granting read-only access to the viewers groupAll Itemsviewviewersnone


The permissions below are used to define policies together with one or more of the four principal types:

createCreate new policies
deleteDelete existing policies
editModify existing policiesview
manageFull accesscreate, delete, edit, manage, view
viewRead-only view

Access Report

Displays the permissions granted to principals for the policy.


To view the CLI documentation for policies, click here

Copyright © 2023 Control Plane Corporation. All rights reserved. Revision 119327cc