Focus
Focus
Table of Contents

PAN Resource Names

Learn how to use access policy resource names for tenant mapping through the
Common Services
.
When assigning an access policy to a user or a service account (such as in mapping a tenant for SAML authorization purposes), the PAN Resource Name identifies the tenant or tenant service group (TSG) hierarchy where you are applying access policies.

Properties for Predefined Roles

The properties available for assigning an access policy with a predefined role follow:
Property
Description
Required
predefined_role_name
The role name as listed in all roles, not as displayed in the UI label.
Required
prn
Property resource name. Must be "prn".
Required
tsg_id
The tenant service group ID as displayed in the UI.
Required
app_id
See the documentation for specific apps.
Optional
region
Reserved
Reserved
instance
Reserved
Reserved
resource_scope
Reserved
Reserved
Use the properties in the following format: <predefined_role_name>@prn:<TSG_ID>:<app_id>:<region>:<instance>:<resource_scope>
Example:
superuser@prn:1234567890::::

Properties for Custom Roles

The properties available for assigning an access policy with a custom role follow:
Property
Description
Required
custom_role_id
The role ID as displayed in the Custom Role ID column in the format of
name:number
.
Required
prn
Property resource name. Must be "prn".
Required
tsg_id
The tenant service group ID as displayed in the UI.
Required
app_id
See the documentation for specific apps.
Optional
region
Reserved
Reserved
instance
Reserved
Reserved
resource_scope
Reserved
Reserved
Use the properties in the following format: <custom_role_ID>@prn:<TSG_ID>:<app_id>:<region>:<instance>:<resource_scope>
Example:
role:0987654321@prn:1234567890::::

Recommended For You