PolicyAction

A single action a policy can allow or deny. Actions follow the format {entity}:{verb} — for example project:view or instance:deploy.

Use policyActions to enumerate the complete catalog when building a policy-authoring UI. Descriptions are written for end users and explain what the action permits, what it does not permit, and how it relates to other actions (especially around the project-as-view-boundary model).

type PolicyAction {
  id: ID!
  verb: String!
  entity: PolicyEntity!
  description: String!
}

Fields

`PolicyAction.id` ● `ID!` non-null scalar {#id}

Canonical action identifier in {entity}:{verb} format (for example project:view).

`PolicyAction.verb` ● `String!` non-null scalar {#verb}

Action verb portion of the id (for example view, deploy, configure).

`PolicyAction.entity` ● `PolicyEntity!` non-null object {#entity}

The entity this action applies to.

`PolicyAction.description` ● `String!` non-null scalar {#description}

Human-readable description of what this action permits.

Returned By

policyActions query

Fields​

PolicyAction.id ● ID! non-null scalar {#id}​

PolicyAction.verb ● String! non-null scalar {#verb}​

PolicyAction.entity ● PolicyEntity! non-null object {#entity}​

PolicyAction.description ● String! non-null scalar {#description}​