Create an ACT

  1. From the Folders module, navigate to SAS Foldersthen selectSystemthen selectSecuritythen selectAccess Control Templates.
  2. Right-click Access Control Templates and select New Access Control Template.
  3. In the New Access Control Template window, enter a name and description for the ACT. Click OK.
  4. Right-click the new ACT and click Open. The new ACT opens.
  5. From the drop-down menu, select ACT: Pattern. On the ACT: Pattern page:
    1. Click the plus icon.
    2. In the Add Identities window, search for the identities that you want to add. Enter the first few characters of the identity name and click the search icon.
    3. From the list of identities that meet your search criteria, double-click the users and groups that will have explicit settings in the pattern. Click OK.
    4. On the ACT: Pattern page, click cells and make selections from the lists to define the ACT’s pattern.
      Note: For information about the icons and blank cells in an ACT's pattern, see Icons in Access Management.
  6. Protect the new ACT. For example, one approach is to add an explicit denial of WriteMetadata for PUBLIC and an offsetting explicit grant of WriteMetadata for SAS Administrators.
    Note: It is important to prevent regular users from modifying or removing an ACT.
  7. Save the new ACT.
  8. To use the ACT, apply it to one or more objects.
    Note: The applied ACT contributes its pattern of access controls to the object's protections. The object can also have explicit controls and other applied ACTs (as well as inherited settings).
  9. If necessary, adjust the ACT's pattern. You can change the pattern of an ACT without modifying the objects to which the pattern is applied.
Copyright © SAS Institute Inc. All rights reserved.