Authoring a new policy
The first thing you need on this journey is a policy. A policy contains the authorization logic that Big ACL will use to make access decisions.
Let's take a look at an example.
Consider an organization where Managers can access reports of their direct team members, and Directors can access reports of all employees under their management, including team members of Managers they oversee.
Authorization logic is made up of several pieces:
Subjects - describing who is being granted access, typically users, groups, or service accounts. Identifying the subject is essential for determining what permissions or roles apply to them.
Resources - describing what the subject wants access to. Resources are the objects that require protection, which can include files, database records, API endpoints, or specific functions within an application.
Actions - describing what is being requested. Actions define the operations that can be performed on resources, such as reading, writing, updating, or deleting.
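The Manager and Director rule from the example above, written out as a plain Python decision function over a subject, an action and a resource. This is an added illustration, not Big ACL's policy language or API; the org chart, employee names, role table and the "read" action are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed org chart (employee -> direct manager); all names are hypothetical.
MANAGER_OF = {
    "alice": "dana",   # alice and bob are on Manager dana's team
    "bob": "dana",
    "dana": "erin",    # Manager dana reports to Director erin
    "carol": "frank",  # carol is on Manager frank's team
    "frank": "gina",   # Manager frank reports to a different Director
}
ROLES = {"dana": "Manager", "frank": "Manager", "erin": "Director", "gina": "Director"}


@dataclass(frozen=True)
class Request:
    subject: str         # who is asking
    action: str          # operation requested (assumed: "read")
    resource_owner: str  # employee the report belongs to


def management_chain(employee):
    """Yield each manager above `employee`, nearest first; stops on a cycle."""
    seen = set()
    current = MANAGER_OF.get(employee)
    while current is not None and current not in seen:
        seen.add(current)
        yield current
        current = MANAGER_OF.get(current)


def is_allowed(req):
    """Default deny: anything the rule does not explicitly grant is refused."""
    if req.action != "read":
        return False
    role = ROLES.get(req.subject)
    if role == "Manager":
        # Managers: reports of direct team members only.
        return MANAGER_OF.get(req.resource_owner) == req.subject
    if role == "Director":
        # Directors: everyone under their management, including the
        # team members of Managers they oversee.
        return req.subject in management_chain(req.resource_owner)
    return False
```

The Director branch walks the whole management chain, so the decision depends on the relationship between subject and resource owner rather than on the role alone.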