Manage access control policies
Access control policies are statements that bring attributes together to establish permissible and impermissible actions. Access policies can either be local or global, and can override other policies. ÃÛ¶¹ÊÓƵ provides a default policy that can be activated immediately or whenever your organization is ready to start controlling access to specific objects based on labels. The default policy leverages labels applied to resources to deny access unless users are in a role with a matching label.
Configure policy for a sandbox
To view sandboxes associated to a policy, select the policy from the Policies tab.
Next, select the policy, then select Sandboxes tab. A list of sandboxes associated with the policy are displayed.
Add policy to all sandboxes
Use the Auto-include toggle on the Sandboxes tab to activate the policy for all sandboxes.
The Enable Auto-include dialog appears prompting you to confirm your selection. Select Enable to complete the configuration setting.
Add policy to select sandboxes
Use the Auto-include toggle on the Sandboxes tab to disable the policy for all sandboxes.
From the Sandboxes tab, select Add Sandboxes to select sandboxes that this policy will apply to.
A list of sandboxes appears. Select the sandbox you would like to add from the list. Alternatively, use the search bar to search for the sandbox. Select Save.
Remove sandboxes from a policy
To remove a sandbox, select the X icon next to the sandbox name.
The Remove dialog appears prompting you to confirm your selection. Select Confirm to complete the removal.
Activate a policy
To activate an existing policy, select the policy from the Policies tab.
Next, select the ellipsis (…
) next to a policies name, and a dropdown displays controls to edit, activate, delete, or duplicate the role. Select activate from the dropdown.
The Activate policy dialog appears, prompting you to confirm the activation.
You are returned to the policies tab and a confirmation of activation pop over appears. The policy status shows as active.
Next steps
With a policy activated, you can proceed to the next step to manage permissions for a role.