Queries & Search

Entity Access

What resources or objects an entity can access.

Entity access starts with one subject and asks:

What can this entity do?

Useful results should include:

protected object ID and name;
object kind/type;
allowed actions;
tenant boundary;
source role assignment or direct policy;
source permission block;
principal group source when access is inherited through a group.

Example

meter-001
  can publish telemetry
  source: role Plant-A Publisher
  source permission block: Plant-A channels -> publish

Common Filters

Operators usually filter by tenant, object type, action, status, and group boundary.

Previous

Authorization Explain

Next

Resource Access

On this page

Example Common Filters