About the Policy Catalog

  • Updated on Mar 30, 2025
  • Published on May 15, 2023
  • 2 minute(s) read
Prev Next

The Policy Catalog contains a list of all currently defined Policies regardless of how they were created. This includes those created using the Policy Wizard, those imported as structured Rego code, and Policies created by third party vendors that were discovered and mapped to Platform building blocks.

When a new Policy is created in the Platform, it pulls together all of the elements to create a logical expression of the Organization's authorization requirements. Elements of a Policy include:

  • Assets and Asset Types
  • Identity Attributes
  • Asset Attributes
  • Policy Custom Attributes
  • Actions
  • Rulesets
  • Conditions
  • Applications
  • Scopes

The Policies can then be assigned to existing Dynamic Groups or Dynamic Groups can be created within the process of creating a new Policy. You can configure as many Policies as needed to fulfill the Organization's business requirements.

Using an example of an application (an online knowledge base of Assets such as marketing, sales, and technical information), a Policy might be created to define which departments in the Organization have access to marketing and sales materials, and which can access the more technical materials.

A Policy can be built with one or more Rules. The collection of Rules within a Policy is called a Ruleset. Each Policy will have at least one Ruleset defined for it and this Ruleset must have at least one Rule.

There are several stages for creating a Policy, including:

  • Assigning a Name for the Policy, Policy ID (automatically or manually), and Description (optional).
  • Defining what type of Access Policy it will be (Allow (default value) or Restrict)
  • Selecting whether this Policy can be used for the Dynamic Authorization Service or SaaS Applications.
  • Defining Policy custom attributes at the Environment level to tailor their metadata. For more information, see Policy Custom Attributes.
  • Select which Applications are associated to the Policy
  • Selecting which Dynamic Groups the Policy will be applied to.
  • Define the Assets for which access will be granted or denied by selecting one or more Asset Types and then, based on the Asset Type you select, define the Actions and Rulesets for this Policy.
  • Configuring Conditions for the Policy.

In the Policy Catalog, next to each listed Policy one or more of the following icons may appear:

Icon Meaning
Group 30.png Indicates that the Policy State is set to Inactive and therefore is not considered in the authorization decision.
Restricted 30 better.png Indicates that the Policy Type is Restrictive.
Oval 1.png Indicates that the Policy has not been completed and therefore cannot be used in the authorization decision.