HCP System Management Help


Specifying an ACL grant

With the Grant property, you can specify an ACL grant using the Find Objects by Permissions window or you can type a value.

Using the Find Objects by Permissions window

To specify an ACL grant using the Find Objects by Permissions window:

1.Click on the select permissions control ( ) next to the value field.

2.In the Find Objects by Permissions window:

oTo query for objects with ACLs that grant permissions to a specified user:

In the Grantee has these permissions section, select any combination of Read, Write, Delete, Read ACL, and Write ACL. ACLs on returned objects can grant more permissions than the ones you select.

If you do not select any permissions, ACLs on returned objects grant any combination of permissions.

In the Tenant or Domain section, type the name of the HCP tenant or AD domain in which the user account of the grantee is defined. If you type an AD domain, precede it with an at sign (@).

In the Grantee Type section, select User.

In the Grantee Name section, type the username of the grantee.

oTo query for objects with ACLs that grant permissions to the user account you’re using to access the Console:

In the Grantee has these permissions section, select any combination of Read, Write, Delete, Read ACL, and Write ACL. ACLs on returned objects can grant more permissions than the ones you select.

If you do not select any permissions, ACLs on returned objects grant any combination of permissions.

In the Grantee Type section, select User.

Leave the Tenant or Domain and Grantee Name fields blank.

oTo query for objects with ACLs that grant permissions to an AD group:

In the Grantee has these permissions section, select any combination of Read, Write, Delete, Read ACL, and Write ACL. ACLs on returned objects can grant more permissions than the ones you select.

If you do not select any permissions, ACLs on returned objects grant any combination of permissions.

In the Tenant or Domain section, type the name of the AD domain in which the group is defined, preceded by an at sign (@).

In the Grantee Type section, select Group.

In the Grantee Name section, type the name of the AD group.

oTo query for objects with ACLs that grant permissions to all users, including those that access the namespace anonymously:

In the Grantee has these permissions section, select any combination of Read, Write, Delete, Read ACL, and Write ACL. ACLs on returned objects can grant more permissions than the ones you select.

If you do not select any permissions, ACLs on returned objects grant any combination of permissions.

In the Tenant or Domain section, type the name of an HCP tenant.

In the Grantee Type section, select Anonymous.

oTo query for objects with ACLs that grant permissions to all authenticated users:

In the Grantee has these permissions section, select any combination of Read, Write, Delete, Read ACL, and Write ACL. ACLs on returned objects can grant more permissions than the ones you select.

If you do not select any permissions, ACLs on returned objects grant any combination of permissions.

In the Tenant or Domain section, type the name of an HCP tenant.

In the Grantee Type section, select Group.

In the Grantee Name section, type authenticated. This value is case sensitive.

3.Click on the Submit button. On the Structured Query page, a value appears in the value field for the Grant property.

Typing a grant value

Values for the Grant property for structured queries use the same formats as values for the aclGrant property for advanced queries. For information on these formats, see aclGrant property.

© 2017 Hitachi Vantara Corporation. All rights reserved.