Overview

Refer to the policy concepts page.

Creating a Policy

Refer to the Create a Policy guide for additional details.

Resource Permissions

Each resource has a set of permissions that can be assigned to a policy.

Expand the dropdown below and click on a resource to view their assignable permissions.

Built-in Policies

Each org has the following built-in policies for each resource (agent, GVC, etc.):

Policy NameDescriptionTargetPermissionGroupService Account
superusers-RESOURCEBuilt-in policy granting full access to the superusers groupAll Itemsmanagesuperuserscontrolplane
viewers-RESOURCEBuilt-in policy granting read-only access to the viewers groupAll Itemsviewviewersnone

Permissions

The permissions below are used to define policies together with one or more of the four principal types:

PermissionDescriptionImplies
createCreate new policies
deleteDelete existing policies
editModify existing policiesview
manageFull accesscreate, delete, edit, manage, view
viewRead-only view

Access Report

Displays the permissions granted to principals for the policy.

CLI

To view the CLI documentation for policies, click here.