»Scopes

A scope is a permission boundary modeled as a container. There are three types of scopes in Boundary: A single global scope which is the outermost container; organizations (orgs) which are contained by the global scope; and projects which are contained by orgs. Each scope is itself a resource.

»Global

The global scope is the outermost scope. There is always a single global scope and it cannot be deleted. The global scope can directly contain: users, groups, auth methods, and organizations.

»Organizations

An org is a scope directly contained by the global scope. There can be multiple orgs within the global scope. An org can directly contain: users, groups, auth methods, roles, and projects.

»Projects

A project is a scope directly contained by an org scope. There can be multiple projects within an org. A project can directly contain: roles, targets, and host catalogs

»Attributes

A scope has the following configurable attributes:

  • name - (optional) If set, the name must be unique within the scope's parent scope.

  • description - (optional)

»Referenced By

»Service API Docs

The following services are relevant to this resource: