Access Scopes

Create and view access scopes

Access Scopes extend the value of the Inventory page by allowing you to save and use your queries as dynamic, reusable groups of resources:

  • Perform future resource analysis

  • Build access flows with access scopes

These scopes automatically update as new resources matching the criteria are discovered across your integrations. Apono syncs integrations every hour.

For example, you can create an access scope such as Production Read Access to identify all resources with read permissions in production. Then, you can build an access flow with the Production Read Access scope. As new resources are added through your Apono integrations, they automatically become part of the saved scope, ensuring that future access requests include all applicable resources.

Create an access scope

Save Access Scope popup window

Follow these steps to create an access scope:

  1. Filter the list of resources.

  2. Click Save Access Scope. The Save Access Scope popup window appears.

  3. Enter an Access Scope Name.

  4. Click Save Access Scope. The access scope is saved and appears as the selected access scope.

You can now use the access scope to build an access flow or periodically view the list of resources that meet the access scope's criteria.

Ensure that the access scope criteria are narrowly defined. Access scopes automatically adjust as new resources matching your criteria are identified across integrations. Broad or overly permissive criteria may inadvertently grant unauthorized user access.

Use an access scope

After creating an access scope, you can use the access scope in an access flow.

Option
Description

Use in a new access flow

Follow these steps to apply the access scope to a new access flow:

  1. Click Use in access flow. A popup window appears.

  2. Click Use in New Access Flow.

  3. Create an access flow.

Use in an existing access flow

Follow these steps to apply the access scope to an existing access flow:

  1. Click Use in access flow. A popup window appears.

  2. Beside an existing access flow, click Use. The access scope is added as a set of resources within the access flow.

View an existing access scope

Inventory page with selected access scope

Follow these steps to select an access scope:

  1. On the Inventory page, click the Saved Access Scope dropdown menu.

  2. (Optional) Enter the name of the access scope in the search field.

  3. Select the access scope. The list of resources will be filtered by the criteria of the access scope.

Delete an access scope

Saved Access Scope dropdown menu

Follow these steps to delete an access scope:

  1. On the Inventory page, click the Saved Access Scope dropdown menu.

  2. Click (trash icon) next to the access scope to delete. A confirmation window appears.

An access scope can only be deleted if it is not associated with an access flow. If an access scope is linked to one or more access flows, a popup window will appear with links to the relevant access flows:

  1. Click each link to open the associated access flow.

  2. Remove the access scope from the access flow.

After you have removed the access scope from all access flows, return to the Inventory page to delete the access scope.

  1. Click Yes.

PreviousInventoryNextRisk Scores

Last updated

Was this helpful?