ACL grantees

Content Platform Tenant Management Help

Version
9.7.x
File Size
4269 KB
Audience
anonymous
Part Number
MK-95HCPH002-19

An ACL can grant permissions to individual users or to groups of users. An individual user is represented by either an HCP user account or, for object ACLs only, an AD user account. A group can be either all authenticated users or all users (both authenticated and anonymous).

To specify an HCP user account, you can use either the account username or the account user ID. To specify an AD user account, you can use either the account user name followed by an at sign (@) and the AD domain name (for example, sgold@ad-1.example.com) or the security ID (SID) for the account.

To specify the group of all authenticated users, you can use either the name authenticated or this URI:

http://acs.amazonaws.com/groups/global/AuthenticatedUsers

To specify the group of all users, you use either the name all_users or this URI:

http://acs.amazonaws.com/groups/global/AllUsers

The names authenticated and all_users are case sensitive. In the URIs, AuthenticatedUsers and AllUsers are case sensitive.