How to obtain access sub-command output for a masked rule.

Key of rule is:

$KEY(*****.DFHSTART) TYPE(SUR) etc.

issuing this command :.

access resource(*****.DFHSTART) type(SUR) class(R)

receives message:
ACF60316 MASKING IS NOT ALLOWED IN THE RESOURCE FIELD

Requesting the access command to interpret the rule $KEY as a literal to find the record, not as a mask.

We should be able to run the access command against all rules.

I can list the rule with or without the single quotes.

Release : 16.0

Component : CA ACF2 for z/OS

The CA ACF2 ACCESS sub-command provides details of users that have access to a particular RESOURCE,

not a particular RULE.

If you want to obtain access permissions from this rule you need to request a resource name that will match

against the key during rule lookup processing.

For example

ACCESS RESOURCE(USER1.DFHSTART) TYPE(SUR) CLASS(R)