The Identity Permissions Explorer is included in our Metacoda Security Plug-ins software. It is used to easily see what level of access an individual has across the various objects in your SAS metadata repository, including libraries, tables, cubes, folders, information maps, reports, stored processes etc. It makes it very easy to spot, at a glance, areas where a user has more, or less, permissions than would be expected.
Key features in the Identity Permissions Explorer:
- Access level badges/labels: simplify the set of individual effective permissions making it easy to see and understand, at a glance, what level of access those permissions represent in terms of ability to view and update etc. Access level columns are also sortable so you can readily see all of the objects the user has most access to and all of the objects they have least access to.
- Identities table: displays a list of all users and groups registered in metadata together with information about those identities. The table can be customized by hiding or showing columns, re-ordering or re-sizing columns, and sorting rows by any of the available columns.
Search facility: use the filter bar to quickly find a specific identity of interest. Selecting an identity allows you to see their effective permissions across multiple objects.
Folders tab: shows the SAS metadata folder tree together with Access Level Badges/Labels that show the level of access the selected identity has across all folders. You can very quickly scan through the tree looking for trouble spots where the identity has no access or more access than they should.
Libraries tab: shows all SAS libraries registered in metadata together with Access Level badges that show the level of access the selected identity has. You can very quickly scan through the list looking for libraries they can see, libraries they can manage, and libraries that are hidden from them.
- Object search tab: provides the ability to search for a variety of objects, list them together with Access Level badges and see the level of access the selected identity has on those objects. Searches can be done by name, description, across model or public types and have limits to avoid displaying too many objects. You can use this to list all of the stored process, reports, cubes etc., regardless of where they are in the metadata folder tree. You could also locate all objects that have a specified string in their name or description to see which ones the selected user can access.
HTML export: find and select a user or group identity and then export an HTML (or CSV) report showing their effective permissions and access levels across a wide range of objects including the entire metadata folder tree, all available libraries, or a set of metadata search results.
- Security Test XML export: export test specifications in Metacoda Security Test XML format for use in the Testing Framework. Regular testing can be scheduled to automatically detect deviations from this baseline and trigger email alerts.
APPLICATIONSSAS Platform Administrators will find the Identity Permissions Explorer useful to:
- Find out which folders in the SAS metadata tree users can access, add contents to, and delete.
- Identify which stored processes registered in metadata a user can see, run or modify, or are hidden from that user.
- Determine which permissions a group may have on defined SAS libraries.
- Create an HTML identity permissions report suitable for auditing.
LICENSING & EVALUATION
The Identity Permissions Explorer is available in our Metacoda Security Plug-ins Basic and Enterprise level packages. We offer three license package levels: Starter, Basic and Enterprise. Read our licensing page to find out which package is best for you.
Register today to:
- start using our free Metacoda Utility Plug-ins
- start using our free Metacoda Custom Tasks
- request a free 30 day evaluation license to trial our commercial software, Metacoda Security Plug-ins.
If you have any questions, please contact us.