Manage action groups

Permissions grant access to do a specific operation on resources that are protected by Verify Identity Access.

Verify Identity Access provides 17 predefined permissions for immediate use. These permissions are stored in the predefined action group named primary.

Each permission is associated with an action bit. These predefined permissions are described in Default permissions in the primary action group.

Verify Identity Access can create resource manager-specific permissions. For example, you can define the Enqueue permission to grant access to put messages in a message queue.

Verify Identity Access supports a total of 32 action groups, including the primary action group.

When you define an action group, the following guidelines and limitations apply:

Each action group can hold up to 32 action bits (including the action bits for the 17 predefined permissions).
An action bit is made up of a letter: a-z, A-Z.
Each action bit character can be used only one time in an action group.
You can reuse the same action bit in other action groups.