Actual permissions available per resource and per credential group.
Credentials of the entity that wants to use the resource.
Requested access modes per resource.
Actual permissions available per resource and per credential group.