All entities have a set of handlers that control specific pieces of functionalities. One handler in particular handles access control. When the access handler is not specified, the base \Drupal\Core\Entity\EntityType module will implement \Drupal\Core\Entity\EntityAccessControlHandler as the access handler. By default, this will check whether any modules have implemented hook_entity_create_access or hook_entity_type_create_access and use their opinions. Otherwise, it defaults to the admin permission for the entity type, if implemented.

In this recipe, we will provide an admin permission for our entity along with create, update, view, and delete permissions for each of the entity's bundles. We will ...