cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
BookmarkSubscribeRSS Feed
JuanS_OCS
Amethyst | Level 16 JuanS_OCS
Amethyst | Level 16

Rules and authorizations in SAS Viya

Posted 10-17-2018 06:16 AM (2115 views)

Hi,

 

the identity, authorizations and rules in SAS Viya is definetely a very exciting world. While for most of actions the GUI is OK, there are many cases where the CLI or Rest-API interfaces can help greatly. This is the area I am mostly exploring at this moment.

 

I have a question with Darrel, where @ShelleySessoms is helping me in communications with him. 

https://communities.sas.com/t5/Administration-and-Deployment/Join-us-for-our-next-SUGA-Webinar-on-Oc...

In parallel, I saw a very related and interesting question open by @mimran and being answered by Super_FREQ @Madelyn_SAS with lots of information.

https://communities.sas.com/t5/Administration-and-Deployment/How-to-grant-or-restrict-user-access-in...

 

But I have a problem, after having a profile, successfully login in (with my user which has capabilities as SAS Administrator as well), I can do many operations, but the following command returns a list, but empty, only the headers

/opt/sas/viya/home/bin/sas-admin --output text authorization list-rules

 

Is it possible that the command won't return the rules that are set by default with a Viya installation? 

It would be great to see everything.

 

I feel very curious about your insights. specially Darrel's ( @ShelleySessoms ) and @Madelyn_SAS 's.

 

Thank you in advance!

 

Kind regards, 

Juan

 

 

0 Likes
Reply
9 REPLIES 9
alexal
SAS Employee alexal
SAS Employee

Re: Rules and authorizations in SAS Viya

Posted 10-17-2018 08:24 AM (2096 views)  |   In reply to JuanS_OCS

@JuanS_OCS,

 

That command should list the authorization rules from /authorization/rules. What do you see if you open https://<SAS_VIYA_FQDN>/authorization/rules?

0 Likes
Reply
ShelleySessoms
Community Manager ShelleySessoms
Community Manager

Re: Rules and authorizations in SAS Viya

Posted 10-17-2018 08:28 AM (2093 views)  |   In reply to JuanS_OCS

Darrell says, "I assume I’m doing the same things he is. I’m seeing all the rules when I run the CLI command as a SAS Administrator." He suggests contacting tech support. Since @alexal is on the thread, you're good there. Thanks!

0 Likes
Reply
PaulHomes
Rhodochrosite | Level 12 PaulHomes
Rhodochrosite | Level 12

Re: Rules and authorizations in SAS Viya

Posted 10-17-2018 08:53 PM (2068 views)  |   In reply to JuanS_OCS

Hi @JuanS_OCS,

 

When I was doing some work with the REST API, I was also seeing a filtered list of rules returned (dozens instead of hundreds), which appeared to be related to not opting in to the assumable group SASAdministrators. I just tried the CLI when logged in as an admin and it returned hundreds of rules. When logged in as a normal user it returned less than 50 rules. I don't see any CLI option to opt in/out of assumable groups so perhaps double check you are logged in as a member of SASAdministrators?

 

Cheers
Paul

 

Reply
JuanS_OCS
Amethyst | Level 16 JuanS_OCS
Amethyst | Level 16

Re: Rules and authorizations in SAS Viya

Posted 10-18-2018 03:03 AM (2058 views)  |   In reply to PaulHomes

Thank you, @ShelleySessoms@alexal and @PaulHomes !

 

@alexal, @PaulHomes,

From the RestAPI URI:

  • if I log in, with my user, without assuming SAS Administrator, I indeed get a fre rules.
  • if I log in, with my user, assuming SAS Administrator, I get more rules. Not sure if it is the full set. but at least larger quantity.

 

From the CLI:

  • When I log in, with my user, I have no option to assume SAS Administrator role.
  • The list of rules is completely empty.

 

@alexal, could you please check this? I checked by now 4 different installations of Viya 3.3, at customers are at my server, and all of them give same results.

 

@PaulHomes, agreed! A prompt or parameter in CLI to assume, or not, Custom Groups, at least SAS Administrator, would be great.

That one goes to the ballot right away.

0 Likes
Reply
alexal
SAS Employee alexal
SAS Employee

Re: Rules and authorizations in SAS Viya

Posted 10-18-2018 08:20 AM (2043 views)  |   In reply to JuanS_OCS

@JuanS_OCS,

 

Here is what I see on my SAS Viya 3.3 server:

 

1____sas-admin_authorization_list-rules__ssh_.png

0 Likes
Reply
JuanS_OCS
Amethyst | Level 16 JuanS_OCS
Amethyst | Level 16

Re: Rules and authorizations in SAS Viya

Posted 10-19-2018 04:26 AM (2024 views)  |   In reply to alexal

THank you @alexal

Maybe there is a difference, on how my user is configured, or how I do log in, from what you do.

 

Could you please share your user set up and login process?

0 Likes
Reply
alexal
SAS Employee alexal
SAS Employee

Re: Rules and authorizations in SAS Viya

Posted 10-19-2018 06:52 AM (2019 views)  |   In reply to JuanS_OCS

@JuanS_OCS,

 

Sure.

 

2____sas-admin_authorization_list-rules__ssh_.png

0 Likes
Reply
JuanS_OCS
Amethyst | Level 16 JuanS_OCS
Amethyst | Level 16

Re: Rules and authorizations in SAS Viya

Posted 10-21-2018 10:58 AM (1989 views)  |   In reply to alexal

Hi @alexal,

 

thank you. So I see I am doing nothing different than you, unless that loging with a created profile does make a difference.

Tried also without profile, and I am getting the same, on several Viya environments.

 

 

0 Likes
Reply
alexal
SAS Employee alexal
SAS Employee

Re: Rules and authorizations in SAS Viya

Posted 10-23-2018 07:25 AM (1963 views)  |   In reply to JuanS_OCS

@JuanS_OCS,

 

I would like to review an output from a command shown below:

 

/opt/sas/viya/home/bin/sas-admin --verbose authorization list-rules
0 Likes
Reply

suga badge.PNGThe SAS Users Group for Administrators (SUGA) is open to all SAS administrators and architects who install, update, manage or maintain a SAS deployment. 

Join SUGA 

Get Started with SAS Information Catalog in SAS Viya

SAS technical trainer Erin Winters shows you how to explore assets, create new data discovery agents, schedule data discovery agents, and much more.

Watch Get Started with SAS Information Catalog in SAS Viya on YouTube

Find more tutorials on the SAS Users YouTube channel.

Discussion stats
  • 9 replies
  • ‎10-17-2018 06:16 AM
  • 2116 views
  • 2 likes
  • 4 in conversation