Core Concepts
Anchor keeps its object model explicit so operators can trace access from intent to evidence.
Users represent people or service actors that authenticate to Anchor and receive permissions. Permissions can be global or scoped depending on the action.
Scopes
Section titled “Scopes”Scopes group resources and define an administrative boundary. They are the starting point for delegated operations and review.
Resources
Section titled “Resources”Resources are managed targets such as Linux hosts, accounts, databases, or other infrastructure objects. Each resource carries metadata, ownership, status, and policy relationships.
Policies
Section titled “Policies”Policies describe how a resource is accessed, verified, rotated, reconciled, and reviewed.
Jobs and ledger events
Section titled “Jobs and ledger events”Execution jobs represent operational work. Ledger and log events preserve what happened, when it happened, who initiated it, and what context was available.