Attribute-Based Access Control (ABAC) - CI/CD Glossary Definition
Attribute-based access control decides access by evaluating attributes of the subject, resource, action, and environment against a policy, allowing fine-grained, context-aware rules.
RBAC vs ABAC
RBAC checks role membership; ABAC checks conditions like "branch is main and requester is in team X". ABAC is more flexible but harder to audit.
In CI/CD
Cloud OIDC trust conditions are ABAC-like: access is granted only when token claims (repository, ref, environment) match the policy.
Related guides
Role-Based Access Control (RBAC) - CI/CD Glossary DefinitionRole-Based Access Control (RBAC): Role-based access control grants permissions to roles rather than directly…
Claim - CI/CD Glossary DefinitionClaim: A claim is a name-value statement carried inside a token, such as `sub`, `iss`, or a custom field, tha…
Authorization - CI/CD Glossary DefinitionAuthorization: Authorization is deciding whether an already-authenticated identity is permitted to perform a…