Quick Starts
Concepts
Guides
External Logging
Kubernetes (Managed)
Bring your Own Kubernetes (BYOK)
Terraform Provider
Reference
Schemas
Create a Policy
Overview
Follow the steps below to create a policy defining access permissions to any Control Plane resource for any principal (user, service account, group, and identity).
Prerequisites
- Review the policy reference page
- Permissions to create a policy
- Optional:
- Install the CLI
Create using the UI Console
- Create a new policy by either:
- Clicking
Policiesin the left menu and clickNew, or - Click the
Createdropdown in the upper right corner and selectPolicy
- Clicking
- Select Resource Type:
- Enter a policy name and optional description
- Select a target resource type
- Choose one of the resource types that you'd like to control access to
- You have the option to select specific resources or target all the resources in your org by turning on the
Target Allswitch - If you are targeting all the resources, click
Nextand skip to step 4. - Click
Next
- Select Specific Resources:
- Choose one or both of the following methods to select resources:
- Directly assigned:
- A list of available resources will be shown and can be selected
- Dynamically assigned:
- Using the tag query form, configure the match by rule.
- Directly assigned:
- Click
Next
- Choose one or both of the following methods to select resources:
- Add a Binding:
- At least one binding is required. Click
Add Binding. - Select one or more permissions. These permissions are specific to the selected resource type.
- Browse through the principal tabs and select at least one principal. Click
Add. - If required, add additional bindings. Note: The bindings must have a unique set of permissions. Click
Create. - The policy has been created and is now active
- At least one binding is required. Click
Create using the CLI
Refer to the policy create and policy add-binding commands for details and examples on how to create a policy and binding using the CLI.
Summary
Control Plane policies allow for fine-grained authorization to the resources within your org. By granting to principals only the permissions they need to get their job done, policies limit the information they can view and actions they can perform. Most applications and services running on the platform are mission-critical and authorized principals should only have the access they require.
placeholder
placeholder
Copyright © 2024 Control Plane Corporation. All rights reserved. Revision fe68539f
Contents