Defining Targets

Defining Targets

You should define Targets in each policy that are used inside the Access Management module (AM). Targets can be users or things (scripts).
Targets are to whom or to what you are giving the permissions.

Currently, you can select Run Users and Analysis as targets.

You can add more Targets of the same type as wished. An operation OR is applied. Therefore, as you add more targets the options will be more inclusive, like:   'Apply the permissions below for the users using this tag OR this tags OR ....' 

Run User represents the person or organization that signed up in your Run application - they are shown in your list of Users.



Type of Fields

Target matching is performed in one of these ways:

  1. ID =  select a target from the list.
  2. Tag =  match using tags from your target. Learn more about the Tags System.
    • Tags are composed of two fields: Tag key and Tag value
    • You can manually edit the tags for each user, or run scripts for that. Learn more about User Management
    • For example, Joe Doe has a Tag key = user_level, and Tag value=supervisor. If you create a policy with Targets using the same tags, the selected permissions will be granted for Joe Doe.

  3. Tag Match = the match is automatically by searching for those Tag Keys of the select target.
    1. Run User: tag keys presented in your users will be listed.
    2. Analysis: only tag keys presented in your Analysis will be listed.
The Tag Match option reduces the number of policies as you can create a single Policy that would grant access to all users or analysis that match the same tag keys.

   4. ANY = all will be automatically included.


    • Related Articles

    • Defining Permissions

      You need to setup Permissions in order to define what type of resources your Targets will be allowed/denied to access. The resources available to grant permission will depend on the Target you select, and the rules will depend on the resource ...
    • Creating a Policy

      You can create individual policies to securely grant access to certain resources in your account for pre-defined targets.  You create Targets (e.g. users) and determine which type of resource Permissions (e.g. dashboards) they will have.  You can ...
    • Access Management

      Access Management (AM) is a module that helps you securely grant access to certain resources in your account. You create Targets (users or things) and determine which type of Permissions for the resources they will have. Some examples of how AM can ...
    • User Management

      You can visualize and control all users that sign up in your application under the User Management module. When you create and deploy your solution using TagoRun, all users that sign up will be listed in this area. You can grant or remove access, ...