Authoring your first rule

This page will provide step-by-step instructions to help you get started with writing your first authorization rule using natural language.

A typical authorization rule follows this structure:

[Subject] can [Action] on [Resource] when [Condition(s)]

• Subject: Who is being granted or denied access (e.g., "Admins," "John Doe," "Users with Role X").

• Action: What action is allowed or denied (e.g., "view," "edit," "delete").

• Resource: The specific item or category being accessed (e.g., "Sales Reports," "Project Data").

• Condition(s): Additional criteria that must be met (e.g., "during business hours," "if the user is in the Marketing department").

1. Creating a rule

A developer can access a repository if at least one of the following conditions is met:

• they are the owner of the repository

• they belong to the same team or department as the repository owner