About Access Control Policies

The access control policy, as part of a trust manifest, allows you to determine who can access what in your environment. Each rule links a role to a user or group, and when published in a trust manifest, they can be associated to a resource. Access control policies are also used to configure view hiding. For more information, see About View Hiding .

Beginning with release 6.5, you can now associate a Rule Type with the trust manifest. This can be one of the following: 

• Allow—The users or groups in this trust manifest are automatically assigned to the role, and can use the permissions or privileges of the role to perform operations on the specified resources.

• Deny—The users or groups in this trust manifest can no longer access the specified resources. This allows you to block a specific user from performing actions on the specified resource.