ACF2 resource rule question about what kind of access does ALLOW give?

book

Article ID: 185911

calendar_today

Updated On:

Products

CA ACF2 CA ACF2 - DB2 Option CA ACF2 for zVM CA ACF2 - z/OS CA ACF2 - MISC CA LDAP Server for z/OS CA PAM Client for Linux for zSeries CA Web Administrator for Top Secret

Issue/Introduction

When assigning access to a General Resource Rule, if you assign ALLOW access, what kind of access does ALLOW give?  

Environment

Release : 16.0

Component : CA ACF2 for z/OS

Resolution

When specifying ALLOW on a resource rule it will give access to what is specified in the SERVICE value. If no SERVICE keyword is specified, all services are the default. So in effect, if SERVICE is not specified the user is granted access to READ, ADD, UPDATE, DELETE, EXECUTE.

Additional Information

Please see documentation for further guidance https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-mainframe-software/security/ca-acf2-for-z-os/16-0/administrating/administer-rules/resource-rules/resource-rule-entries.html