cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
BookmarkSubscribeRSS Feed

What Do I Need to Know About SAS® Viya® Security? Q&A, Slides, and On-Demand Recording

Started ‎04-30-2021 by
Modified ‎08-16-2021 by
Views 3,813
Ask the Expert - What Do I Need to Know About SAS Viya Security.pdf

Watch this Ask the Expert session for an introduction to SAS Viya security and take a deeper look into the new two-tier authorization model introduced with SAS Viya.

 

Watch the webinar

 

Join Bala Arunagirinathan as he teaches you about SAS Viya security. Administrators will gain the knowledge and confidence to design and implement a comprehensive security model for their existing or future SAS Viya projects. During this webinar you will learn:

  • General authorization.
  • CAS authorization.
  • File system authorization.

The questions from the Q&A segment held at the end of the webinar are listed below and the slides from the webinar are attached.

 

Is the security model the same for the latest release of SAS Viya, 2020.1?

Yes, it is the same. SAS Viya 2020.1 is an entirely cloud-based deployment but the application usage and administration is the same.

 

Where should an Admin start first to implement security?

  1. Authentication – bring only the required users from LDAP to Viya (filter)
  2. OS level on the filesystem
  3. General Authorization for the folder contents
  4. CAS Authorization for CAS Libraries

 

Can I get some links for CLI commands so I can apply via CLI commands?

Here are some resources on the Command-Line Interface:

 

Is there a certification for SAS Administration?

Yes, there is a certification for SAS 9.4 and SAS Viya 3.5, but we don’t have one yet for SAS Viya 2020.1. We do have SAS Viya administration training courses.

 

In new SAS Viya implementation, what trainings are provided to the Super Users/Admins?

Here is the SAS Viya 2020.1 training course.

 

Do changes to the configuration come under vendor support with the product or is it the responsibility of the client super-user or the admin?

It is the responsibility of the administrator. Any administrative tasks that are being done should flow through the SAS administrator. They should be creating the custom groups and handling security, but they also need to accurately document everything and put it in a pdf file.

 

Are there any limitations on number of custom groups that can be created in SAS Viya?

No

 

Where are these permissions being saved, is it in a Postgress Database or a SAS Dataset?

Postgress Database

 

When I create any group in SAS Viya, is it required to create those same groups in LDAP?

It’s not necessary, but if you have a good relationship with your back-end LDAP admin, you can ask them to create the group for you and put the users in the LDAP. It updates in Viya every 12 hours and then you will see the group there and you can do your admin there.

 

Can we have nested groups?

Yes, you can have them, but it not recommended. I would keep them at a minimum. It’s easier to troubleshoot the non-nested groups.

 

I have a custom group with six members that have authorizations on objects and containers. For some reason, these authorizations stopped working. I recreated the group (with a different name but same members and same authorizations) and this group has access. Any ideas how to troubleshoot why the first group doesn't have access? Any risk in deleting the first custom group and keeping the second?

You can delete the first group, but let’s figure out why it’s not working first.

 

Is there any documentation that shows what would be the equivalent component in GRID vs Viya (example: SAS WRS in Grid vs Viya?). This would help in migration plan, thank you!

Here are some resources that should be helpful:

 

Is Viya 4 out and do you have any documentation on it?

Yes, it is out and we’re calling in Viya 2020.1. You can find documentation here.

 

How do we control SAS dataset (sas7bdat) access via SAS Environment Manager?

Regarding your question on how to control the SAS dataset permissions, if you are saving your datasets in a filesystem someplace, you need to make sure you set the ACLs permission on the filesystem. Only the users belonging to the groups should be able to Read those datasets. So you will be using the OS commands to secure those datasets. SAS Environment Manager will be used to set the Folder and CASLIB permissions only.

 

Recommended Resources

Orientation to Authorization

SAS Admin Notebook: Folder Security

Intro to SAS Viya Authorization

 

Want more tips? Be sure to subscribe to the Ask the Expert board to receive follow up Q&A, slides and recordings from other SAS Ask the Expert webinars.  

 

Version history
Last update:
‎08-16-2021 02:59 PM
Updated by:
Community Manager
Contributors

sas-innovate-2024.png

Available on demand!

Missed SAS Innovate Las Vegas? Watch all the action for free! View the keynotes, general sessions and 22 breakouts on demand.

 

Register now!

Click image to register for webinarClick image to register for webinar

Classroom Training Available!

Select SAS Training centers are offering in-person courses. View upcoming courses for:

View all other training opportunities.

Article Labels
Article Tags