Creating Access Control Policies

RealTheory supports both Role-Based Access Control (RBAC) and discretionary access control (DAC).

With DAC, organizations can manually set permissions on one or more clusters, or automatically set permissions at scale through access control policies. Access control policies provide a scalable and flexible mechanism to manage access to resources and data in an enterprise organization.

Prerequisites

To create access control policies, you need the following:

• Groups and Users:
• • Users are individuals within the system who can be authenticated
  • Groups are collections of Users that share common access needs within the system
• Cluster labels: RealTheory labels allow you to associate meaningful and relevant attributes to resources. They can be used to automate and scale discretionary access control through access control policies
  How to Leverage RealTheory Labels to Streamline Scalability and Automation describes how you might plan and design a labeling protocol for scalability and automation.

Procedure

1. As a user with the following roles, navigate to Settings > Access Management > Access Control Policies:

• • sys_admin, or
  • all of: permissions_admin and group_admin and user_admin

2. Click Enable access control policies if the feature is not already enabled.
3. If no access control policies have been previously configured, you will see only the default access control policy.