> For the complete documentation index, see [llms.txt](https://docs.apono.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.apono.io/docs/access-flows/create-bundles.md).

# Create Bundles

**Bundles** allow admins to manage access to integrations, roles, resources, and access scopes by grouping them together.

Bundles offer you the following benefits:

* Streamline the access request process for users
* Integrate easily with existing [access flows](/docs/access-flows/access-flows.md)
* Minimize administrative overhead through centralized management

***

### Prerequisite

<table><thead><tr><th width="202">Item</th><th>Description</th></tr></thead><tbody><tr><td><strong>Cloud Resources</strong></td><td><p>One or more resources in a cloud platform that has been integrated with Apono<br><br>If you have not already, integrate Apono with a cloud platform to control access to its resources:</p><ul><li><a href="/pages/XnEdLdWUhsNqPBJJwaQU">AWS integrations</a></li><li><a href="/pages/T88Xlh1cOFcLTKsgCUeX">Azure integrations</a></li><li><a href="/pages/oAecduSreroNg11JU6uw">GCP integrations</a></li><li><a href="/pages/L6TxTfv7la9gqSsv8eFG">Kubernetes integrations</a></li></ul></td></tr></tbody></table>

***

### Create a bundle

<figure><img src="/files/fBpllzCiPSP6Lm0dLfI1" alt="" width="563"><figcaption><p><em>Create Bundle page</em></p></figcaption></figure>

Follow these steps to create a bundle from the Apono admin portal:

1. On the [**Bundles**](https://app.apono.io/bundles) page, click **Create Bundle**. The **Create Bundle** page appears.

{% hint style="success" %}
If [Space Management](/docs/user-administration/space-management.md) is enabled, select a space from the space selector at the top of the page to create a space-specific bundle.

If no space is selected, the bundle will be created at the global account level.
{% endhint %}

2. Enter a **Bundle name**.

{% hint style="success" %}
This name will identify the bundle on the **Bundles** page and when [creating access flows](/docs/access-flows/creating-access-flows-in-apono.md).
{% endhint %}

3. Define the bundle.

{% tabs %}
{% tab title="Resources" %}
Follow these steps to select the resources:

1. Click **Basic**.
2. Filter the resources by one or more of the following filters. Resources matching the selected filters display.

{% hint style="success" icon="lightbulb" %}
To create complex queries, click **AQL** to build a query in the code box.

The [Apono Query Language](/docs/inventory/apono-query-language.md) enables you to extend your query capabilities beyond the standard options available with the UI.
{% endhint %}

<details>

<summary>Integration</summary>

Follow these steps to filter by integration:

1. From the dropdown menu, select the [comparative logic](#comparative-logic):
   * **Equals (=)**
   * **Not Equals (!=)**
2. (Optional) In the **Search** field, enter a value to filter the list of integrations.
3. Select one or more integrations. Only the values meeting the criteria will be shown.
4. Click outside of the menu to close it.

</details>

<details>

<summary>Resource Type</summary>

Follow these steps to filter by resource type:

1. From the dropdown menu, select the [comparative logic](#comparative-logic):
   * **Equals (=)**
   * **Not Equals (!=)**
2. (Optional) In the **Search** field, enter a value to filter the list of resource types.
3. Select one or more resource types. Only the values meeting the criteria will be shown.
4. Click outside of the menu to close it.

</details>

<details>

<summary>Resource Name</summary>

Follow these steps to filter by resource name:

1. From the dropdown menu, select the [comparative logic](#comparative-logic):
   * **Equals (=)**
   * **Not Equals (!=)**
   * **Contains (a\*b)**
   * **Does not contain (!a\*b)**
   * **Starts with (\*b)**
   * **Ends with (a\*)**
2. (Optional) In the **Search** field, enter a value to filter the list of resource names.
3. (**Equals**, **Not Equals** only) Select one or more resource names. Only the values meeting the criteria will be shown.
4. Click outside of the menu to close it.

</details>

<details>

<summary>Permission Name</summary>

Follow these steps to filter by permission name:

1. From the dropdown menu, select the [comparative logic](#comparative-logic):
   * **Equals (=)**
   * **Not Equals (!=)**
   * **Contains (a\*b)**
   * **Does not contain (!a\*b)**
   * **Starts with (\*b)**
   * **Ends with (a\*)**
2. (Optional) In the **Search** field, enter a value to filter the list of resource names
3. (**Equals**, **Not Equals** only) Select one or more permission names. Only the values meeting the criteria will be shown.
4. Click outside of the menu to close it.

</details>

<details>

<summary>Resource Path</summary>

Follow these steps to filter by resource path:

1. Click <img src="/files/r9WJSMPLEJ28VwJgRRA2" alt="" data-size="line"> (More filters icon) > **Resource Path**.
2. From the dropdown menu, select the [comparative logic](#comparative-logic):
   * **Equals (=)**
   * **Not Equals (!=)**
   * **Contains (a\*b)**
   * **Does not contain (!a\*b)**
   * **Starts with (\*b)**
   * **Ends with (a\*)**
3. (Optional) In the **Search** field, enter a value to filter the list of resource paths.
4. Select one or more resource paths. Only the values meeting the criteria will be shown.
5. Click outside of the menu to close it.

</details>

<details>

<summary>Resource Source ID</summary>

Follow these steps to filter by resource source ID (for example, account, folder, project, Azure subscription, or management group IDs):

1. Click <img src="/files/r9WJSMPLEJ28VwJgRRA2" alt="" data-size="line"> (More filters icon) > **Resource Source ID**.
2. From the dropdown menu, select the [comparative logic](#comparative-logic):
   * **Equals (=)**
   * **Not Equals (!=)**
   * **In (in)**
   * **Not (not in)**
   * **Contains (a\*b)**
   * **Does not contain (!a\*b)**
   * **Starts with (\*b)**
   * **Ends with (a\*)**
3. (Optional) In the **Search** field, enter a value to filter the list of IDs.
4. Select one or more IDs. Only the values meeting the criteria will be shown.
5. Click outside of the menu to close it.

</details>

<details>

<summary>Resource Tag</summary>

Follow these steps to filter by resource tag:

1. Click <img src="/files/r9WJSMPLEJ28VwJgRRA2" alt="" data-size="line"> (More filters icon) > **Resource Tag**.
2. (Optional) In the **Search** field, enter a value to filter the list of resource names.
3. Click the resource name.
4. From the dropdown menu, select the [comparative logic](#comparative-logic):
   * **Equals (=)**
   * **Not Equals (!=)**
   * **Contains (a\*b)**
   * **Does not contain (!a\*b)**
   * **Starts with (\*b)**
   * **Ends with (a\*)**
5. (Optional) In the **Search** field, enter a value to filter the list of resource tags.
6. (**Equals**, **Not Equals** only) Select one or more resource tags. Only the values meeting the criteria will be shown.
7. Click outside of the menu to close it.

</details>

<details>

<summary>Resource Risk Level</summary>

Follow these steps to filter by resource risk level:

1. Click <img src="/files/r9WJSMPLEJ28VwJgRRA2" alt="" data-size="line"> (More filters icon) > **Resource Risk Level**.
2. From the dropdown menu, select the [comparative logic](#comparative-logic):
   * **Equals (=)**
   * **Not Equals (!=)**
3. Select one or more resource risk levels. Only the values meeting the criteria will be shown.
4. Click outside of the menu to close it.

</details>

<details>

<summary>Permission Risk Level</summary>

Follow these steps to filter by permission risk level:

1. Click <img src="/files/r9WJSMPLEJ28VwJgRRA2" alt="" data-size="line"> (More filters icon) > **Permission Risk Level**.
2. From the dropdown menu, select the [comparative logic](#comparative-logic):
   * **Equals (=)**
   * **Not Equals (!=)**
3. Select one or more pemission risk level. Only the values meeting the criteria will be shown.
4. Click outside of the menu to close it.

</details>

4. Click **Select Resources** to create the bundle.
   {% endtab %}

{% tab title="Access Scope" %}
Follow these steps to select a specific access scope:

1. Click **More Options > Access Scope**. The **Select access scope** menu appears.
2. (Optional) Enter keywords into the search bar to locate an access scope.
3. (Optional) Click <img src="https://lh7-rt.googleusercontent.com/docsz/AD_4nXf6tv7vrABRqb_3sHCQCkp-gGx-9GBQoWehtQXr2GjwUAv4jEwSuTan9BsckFs_R3hKm1zWb86-4gCVU2AUtQspUPRizHDEtlXAPc1m_OyItAOugW6buj8hpUTBGTjgccmKsyn-tQ?key=A4EZtKjLdP_MEnXmQA_WQ-Ky" alt="" data-size="line"> (eye icon). A **Preview Access Scope** pop-up window appears displaying the contents of the access scope.
4. Select an access scope.

{% hint style="success" %}
You can also click **+ Create New Access Scope** if none of the existing access scopes meet your needs. The **Inventory** page appears. You can [create](/docs/inventory/access-scopes.md#create-an-access-scope) and [use](/docs/inventory/access-scopes.md#use-an-access-scope) the new access scope.
{% endhint %}
{% endtab %}

{% tab title="Integrations" %}
Follow these steps to select a specific integration:

1. Click **More Options > Integrations**. The **Select integration** menu appears.
2. (Optional) Enter keywords into the search bar to locate an integration.
3. Select an integration. The **Select resource type** panel appears.
4. Select the resource type.
5. Click **Done**. The panel closes.
6. Click **permissions**. The **Permissions** menu appears.
7. Select one or more permissions to grant the requester.
8. Click outside the window to close it.
9. (Optional) Refine the available resources:
   1. Click in the populated **to** field. A list of resources appears.
   2. Select one or more resources.

{% hint style="info" %}
By default, the user has access to **Any resources**. However, the following options allow you to define access more granularly:

* **Any resources except specific**
* **Select by name**
* **Select by tags**
  {% endhint %}
  {% endtab %}
  {% endtabs %}

4. (Optional) Click **+ Add Resources** and repeat step **3** to include another resource.
5. Enter a **Description** that explains the purpose of the bundle.
6. Click **Cave Bundle**. The new bundle appears on the **Bundles** page.

After creating a bundle, you can [add the bundle to an access flow](#add-a-bundle-to-an-access-flow).

***

### Comparative Logic

The following tables explain the filter comparative logic.

<table><thead><tr><th width="180">Logic</th><th>Description</th></tr></thead><tbody><tr><td><strong>Equals (=)</strong></td><td><p>Checks if values are the same<br></p><p><strong>Examples</strong>:</p><ul><li><strong>Resource Type</strong> equals <strong>DynamoDB Table</strong></li><li><strong>Resource Status</strong> equals <strong>ACTIVE</strong></li></ul><p>After filtering by this value, you can select the exact resources to include in your filtered query.</p></td></tr><tr><td><strong>Not Equals (!=)</strong></td><td><p>Checks if values are different<br></p><p><strong>Examples</strong>:</p><ul><li><strong>Integration</strong> does not equal <strong>AWS Playground</strong></li><li><strong>Resource Type</strong> does not equal <strong>S3 Bucket</strong></li></ul><p>After filtering by this value, you can select the exact resources to include in your filtered query.</p></td></tr><tr><td><strong>Contains (a*b)</strong></td><td><p>Checks if a value contains another value as a substring or pattern<br></p><p><strong>Examples</strong>:</p><ul><li><strong>Resource Name</strong> contains <em>playground</em></li><li><strong>Resource Tag</strong> contains <em>true</em></li></ul></td></tr><tr><td><strong>Does not contain (!a*b)</strong></td><td><p>Checks if a value does NOT contain another value as a substring or pattern<br></p><p><strong>Examples</strong>:</p><ul><li><strong>Resource Name</strong> does not contain <em>production</em></li><li><strong>Permission Name</strong> does not contain <em>admin</em></li></ul></td></tr><tr><td><strong>Starts with (*b)</strong></td><td><p>Checks if a value begins with a specific value or pattern<br></p><p><strong>Examples</strong>:</p><ul><li><strong>Resource Name</strong> starts with <em>aws</em></li><li><strong>Resource Tag</strong> for a <strong>region</strong> starts with <em>eu</em></li></ul></td></tr><tr><td><strong>Ends with (a*)</strong></td><td><p>Checks if a value ends with a specific value or pattern<br></p><p><strong>Examples</strong>:</p><ul><li><strong>Resource Name</strong> ends with <em>terraform-state</em></li><li><strong>Resource Tag</strong> for an <strong>env</strong> ends with <em>dev</em></li></ul></td></tr></tbody></table>

***

### Add a bundle to an access flow

After [creating a bundle](#create-a-bundle), you can incorporate the bundle into an access flow to streamline access requests.

Follow these steps to add a bundle to an access flow:

1. Define the permitted requesters for the bundle ([ Self Serve ](/docs/access-flows/creating-access-flows-in-apono/self-serve-access-flows.md#define-permitted-requestors)| [Automatic ](/docs/access-flows/creating-access-flows-in-apono/automatic-access-flows.md#define-permitted-users)).
2. Define access to the bundle ([ Self Serve ](/docs/access-flows/creating-access-flows-in-apono/self-serve-access-flows.md#bundles)| [Automatic ](/docs/access-flows/creating-access-flows-in-apono/automatic-access-flows.md#bundles)).
3. (Self Serve only) [Set the access duration ](/docs/access-flows/creating-access-flows-in-apono/self-serve-access-flows.md#set-the-duration-of-access)of the bundle.
4. Click **Create Access Flow** (Self Serve) or **Review and Create > Create and Grant** (Automatic).

After adding the bundle to an access flow, end users will be able to request access to the bundle in [Slack](/docs/access-requests-and-approvals/slack/requesting-access-with-slack.md), [Teams](/docs/access-requests-and-approvals/teams/requesting-access-with-teams.md), [CLI](/docs/access-requests-and-approvals/cli/requesting-access-with-cli.md), or the [Apono User Portal ](/docs/access-requests-and-approvals/web-portal/requesting-access-with-web-portal.md).


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.apono.io/docs/access-flows/create-bundles.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.