Term · 3. Account Management & Provisioning
Access Control Rules (ACR)
Definition
Specific permissions or policy statements defining who can access what under which conditions. In RBAC: role-permission mappings. In ABAC: policy rules evaluating subject/object/action/environment attributes. Stored in policy stores (AD ACLs, AWS IAM policies, OPA bundles, application authorization tables).
Application
Modern policy-as-code approach: store rules in source control, peer review them, and cover them with automated tests. Languages: AWS IAM JSON, GCP IAM YAML, Rego (OPA), Cedar (AWS Verified Permissions), XACML 3.0.
Related terms
- Access Request Process
  Access Request Process is the structured set of steps through which a subject (such as a user, service account, or appli …
- Account Management
  Account management is the set of administrative and technical processes used to create, modify, disable, and delete user …
- Aggregation (Aggr)
  Process of collecting account and entitlement data from target systems into the IGA platform. Foundation for reconciliat …
- AI Agent Credential Lifecycle Management
  Specialised lifecycle workflows for AI agent credentials — provisioning short-lived tokens scoped to specific tasks, rot …
- AI Agent Lifecycle Management
  Discipline of provisioning, monitoring, updating, and decommissioning AI agents as first-class enterprise identities. Mi …
- Application Access Governance (AAG)
  Application-specific identity governance — managing entitlements within a specific application (Salesforce, SAP, Workday …