Access policies

Policies in Hiphops are templates that provide bundles of permissions on resources. They may contain parameters which can be provided on a role by role basis. This allows each role to grant access to different resources, whilst providing the same bundle of permissions.

In this way we’re able to use more granular permissions to build something more meaningful - e.g. allowing WRITE and CREATE access on specific registry endpoints creates push policy.

Your project contains several system defined policies that cover common use cases and can be further configured via roles.

Listing policies

• Can be listed via dashboard as part of role creation flow
• API with GET /api/v1/iam/{project_id}/policies

Note: Policy string arrays may contain $param_name values - these can be overwritten on a role by role basis via parameters.

Creating a policy

Creating custom policies is currently not supported other than by request to support. We’ll be bringing an awesome policy writer UI soon, so watch this space.