Understanding permissions in Axiom | Axiom Security

When making access requests, or defining Axiom scopes you have to select the relevant Permission/s. This may also be true when authoring automation workflows.

For access requests, this will be the access the selected Principal will be granted if the request is approved. For scopes, this defines the type of access an Axiom user can request or approve.

"Permission" represents different things, depending on the system (integration) that is selected.

System	What the Permission/s represent
Amazon Web Services (AWS)	Permission set
GitHub	- Grant role for repo - Assign user to team
Google Cloud (GCP)	Role
Google Workspace (GWS)	- Add user to group - Assign role to user
Jumpcloud	- Add user to group - Assign role to user
Kubernetes	Role
Microsoft Azure	- Assign role to user - Assign permission to user
Microsoft Entra ID	- Add user to group - Assign role to user
MongoDB Atlas	Axiom-managed roles (Read, Read & Write, Admin)
MySQL	Axiom-managed roles (Read, Read & Write, Admin)
Okta	- Add user to group - Assign role to user
OneLogin	Coming soon
PostgreSQL	Axiom-managed roles
Snowflake	Coming soon

Axiom Scopes

Identity and Access Management in Axiom

Managing access to GitHub

Getting Started with Axiom - Account Owners and Admins

Integrations Overview