Expand all | Collapse all
PAN Resource Names
Learn how to use access policy resource names for tenant mapping through the
Common Services
.
When assigning an access policy to a user or a service account (such as in
mapping a tenant for SAML authorization purposes), the PAN Resource Name
identifies the tenant or tenant service group (TSG) hierarchy where you are applying
access policies.
Properties for Predefined Roles
The properties available for assigning an access policy with a predefined role
follow:
Property | Description | Required |
|
The role name as listed in all roles, not as displayed in the
UI label. | |
|
Property resource name. Must be "prn". | |
|
The tenant service group ID as displayed in the UI. | |
|
See the documentation for specific apps. | |
|
|
|
Use the properties in the following format:
<predefined_role_name>@prn:<TSG_ID>:<app_id>:<region>:<instance>:<resource_scope>
Example:
superuser@prn:1234567890::::
Properties for Custom Roles
The properties available for assigning an access policy with a custom role
follow:
Property | Description | Required |
|
|
Property resource name. Must be "prn". | |
|
The tenant service group ID as displayed in the UI. | |
|
See the documentation for specific apps. | |
|
|
|
Use the properties in the following format:
<custom_role_ID>@prn:<TSG_ID>:<app_id>:<region>:<instance>:<resource_scope>
Example:
role:0987654321@prn:1234567890::::
