HomeGuidesTerms & ConceptsAPI DocumentationRelease NotesStatus

API Action Permissions

This page provides a complete list of API action permissions available to use in access policies.

Suggest Edits

Permission definitions

Create: Bring items of specified type into existence.
Execute: Run a policy or query.
List: View all items of specified type.
Read: View the details of items of specified type.
Update: Modify all items of specified type.
Delete: Remove items of specified type from existence.

List of api permissions

Access policies

  • api:access-policies:create
  • api:access-policies:list
  • api:access-policies:read
  • api:access-policies:update
  • api:access-policies:delete

Categories

  • api:categories:create
  • api:categories:list
  • api:categories:read
  • api:categories:update
  • api:categories:delete

Frameworks

  • api:compliance-controls:read
  • api:compliance-frameworks:list
  • api:compliance-frameworks:read
  • api:compliance-frameworks:update

Data Explorer

  • api:queries:create
  • api:queries:execute
  • api:queries:list
  • api:queries:read
  • api:queries:update
  • api:queries:delete
  • api:tables:list
  • api:tables:read
  • api:views:create
  • api:views:list
  • api:views:read
  • api:views:update
  • api:views:delete

Data sources

  • api:datasources:create
  • api:datasources:list
  • api:datasources:read
  • api:datasources:update
  • api:datasources:delete
  • api:datasources:assign-policy
  • api:datasources:scan

Exceptions

  • api:exceptions:create
  • api:exceptions:list
  • api:exceptions:read
  • api:exceptions:update
  • api:exceptions:delete

Integrations

  • api:integrations:create
  • api:integrations:list
  • api:integrations:read
  • api:integrations:update
  • api:integrations:delete

Logs

  • api:logs:list

Metrics

  • api:metrics:read

Organizations

  • api:orgs:assign-policy (policy enabling/disabling)
  • api:orgs:create
  • api:orgs:list
  • api:orgs:read
  • api:orgs:update
  • api:orgs:delete

Policies

  • api:policies:create
  • api:policies:list
  • api:policies:read
  • api:policies:update
  • api:policies:delete
  • api:test-policy:execute

Reports

  • api:report-schedules:create
  • api:report-schedules:list
  • api:report-schedules:read
  • api:report-schedules:update
  • api:report-schedules:delete

Resources

  • api:resources:list
  • api:resources:read

Risk posture

  • api:risk-posture:read

Roles

  • api:roles:create
  • api:roles:list
  • api:roles:read
  • api:roles:update
  • api:roles:delete

SSO

  • api:sso:create
  • api:sso:list
  • api:sso:read
  • api:sso:delete

Users

  • api:users:create
  • api:users:list
  • api:users:read
  • api:users:update
  • api:users:delete
  • api:users:assign-org

Violations

  • api:violations:create
  • api:violations:list
  • api:violations:read
  • api:violations:update

Workflows

  • api:workflows:create
  • api:workflows:list
  • api:workflows:read
  • api:workflows:update
  • api:workflows:delete

Updated 5 months ago