Important Update: Some Community URL Redirects are Under Maintenance. Learn More. .

cancel
Showing results for 
Search instead for 
Did you mean: 
Anonymous
Not applicable

Continuing the RSA Archer Platform 6.4 feature series of blog posts and Free Friday Tech Huddles, today we are going to go look at a tool for all the Admins out there that provides an interface for analyzing complex record permissions, the Effective Permissions Investigation Console (EPIC)

When I was a client admin of Archer in my prior role, it seemed like we received the same permissions related question at least once a week. Namely, "I'm a newly hired peer of X, and we are supposed to have the same access, but I can't edit Record 123 while X can."

An answer to that question previously could take days, even weeks, in complex permissions environments where the admin pours over Access Role configurations, group membership and nesting, and permissions rules and defaults. Sometimes an answer couldn't be found, and so more complexity in the form of new permissions were added to "resolve" the access issue.

Introducing...

Archer EPIC Logo 1.png

System Administrators and Application Owners can launch EPIC from any piece of content to which they have access using the "Access" button on the top-right toolbar. System Administrators and anyone granted rights to EPIC via an Access Role can additionally launch EPIC from the Administration Menu using the "Investigate Access" link. For more details on the access rights, operation, interpretation, and more of EPIC, please visit the topic "Effective Permissions Investigation Console (EPIC)" in your Platform 6.4 Help.

pastedImage_6.png

pastedImage_9.png

When launched from content, the Content ID will automatically populate, while from the Administration Menu it becomes a blank and required field. Select the users you wish to analyze from the user picker, then click on "Check" to display the Summary view for the selected users against the specified piece of content.

EPIC-Summary.png

This view displays:

  • The Content Permissions the user is being extended as a result of their selection in a Record Permissions field by name or group membership.
  • The potential Module Permissions the user is capable of based on their Access Role membership.
  • The overall Effective Permission the user has to the content based on the sum of their Content and Module permissions.

 

 

If more granularity on the permissions composition is desired, switch over to the Details view, which breaks down what the Content and Module permissions are comprised of by listing the Access Role(s) and/or Record Permissions Field(s) that are extending access.

EPIC-Details.png

With these EPIC results, that all too often asked permissions question is hopefully much easier for you to answer.

I hope you are as excited about this feature as I am, and additionally hope you'll join us on the upcoming Free Friday Tech Huddle sessions to see this, and other, features in action, as well as stay tuned to the blog for more updates on these exciting features of RSA Archer Platform 6.4!

 

Happy Archering, everyone!

UPDATE: The slides from the Free Friday Tech Huddle are posted: https://community.rsa.com/docs/DOC-93276