Abbey Docs
Sign UpSign In
Search
K
Links
Comment on page

Key Concepts

Grant Kits

Grant Kits are what you configure in code to control and automatically right-size permissions for resources. A Grant Kit has 3 components:
  1. 1.
    Workflow to configure how someone should get access.
  2. 2.
    Policies to configure if someone should get access.
  3. 3.
    Output to configure how and where Grants should materialize.

Access Requests & Approvals

Access Requests are automated processes for someone to be granted access to a Resource. An Access Request typically involves:
  1. 1.
    A policy check, typically against a list of security and compliance policies.
  2. 2.
    A list of steps, with each step having a list of reviewers required to approve or deny the request.
  3. 3.
    A Terraform-native code change, backed by your Version Control System and Pull Requests.

Access Grants

Grants are the result of an approved access request without any policy violations.

Resources

Resources are what people access. A Resource can be coarse- or fine-grained to any granularity.
Some examples are:
  1. 1.
    Role-Based Access Control (RBAC) such as Okta Groups, Google Groups, AWS IAM Profiles, or GitHub Teams.
  2. 2.
    Direct Access to a database cluster, a database, a table, a Trino query, or a streaming or batch job.
  3. 3.
    Direct Access to an an API cluster, instance, or a bastion.
  4. 4.
    Access to a Tailscale VPN.
  5. 5.
    Federated Access to any of the above through RBAC.
How Abbey Works - Previous
How Abbey Works
Next - Build a Grant Kit
Get a Starter Kit
Last modified 3mo ago