Servers 3.4.380 and later
- Last UpdatedMar 04, 2025
- 1 minute read
On Data Archive 3.4.380 and later, resources can define access permissions for an unlimited number of PI identities, as the following illustration shows.
Although the illustration shows PI identities, you can also define access permissions for PI users and PI groups. There is no limitation on the number of users or groups. There is no longer any concept of a resource owner or group, as there was in previous versions of Data Archive.
Data Archive stores the settings for each object in an access control list (ACL). Each secure object on Data Archive has an ACL that defines access permissions for that object. The ACL lists each identity for which access permissions are set on that object. The ACL for the TEST_POINT data in the illustration above would look like this:
Identity1:A(r,w) | Identity2:A(r,w) | Identity3:A(r) | IdentityN:A(r,w)
Access permissions for each PI identity are separated by a pipe (|) symbol. Each entry consists of the PI identity name, then a colon (:) followed by the access specifier. The access specifier is defined in the format: A(r,w). The A in this notation stands for Allow and r,w indicates the allowed access rights – read and write, in this example.