Role-based and resource-level policies

Role-based policies are also known as command-level policies because they authorize users with a particular role to execute a set of commands. Resource-level policies authorize a group of users to execute a set of commands on a particular set of resources. For instance, a role-based policy might authorize children to eat. While a resource-level policy might authorize children eat rice.

We can usually determine whether a policy is a role-based policy or a resource-level policy by looking at its name.


Related concepts
Relationships between role-based and resource-level policies
Authorization


Related tasks
Defining access control policy elements using XML


Related reference
Examples: Customize access control policies using the Organization Administration Console