Note: | You use this action to set permissions on policy objects. To set permissions on catalog assets, you must use Set Instance and Profile Permissions. |
Note: | The instance-level permissions that this action assigns to a user does not affect any role-based permissions that the user might already have. For example, if user ABC has Manage Policies permission for an organization and that user also happens to be a member of a group to which this action assigns instance-level permissions, user ABC's Manage Policies permission will override the permission settings that this action assigns to him or her. |
User/Group Permission | (Object). (Array). An array of permission settings. Each setting in the array identifies one individual user or one group and specifies the permissions for that user or group. If you specify multiple groups in this array and a user is a member of more than one group, the user will receive the permissions of all those groups combined. For example, if you assign Modify permission to Group A and Full permissions to Group B, users that are members of both groups will get Full permissions on the object. | |
Remove existing permission | (Boolean). Specifies whether the permission settings in the Users and Groups parameter replace the existing permission settings or whether they are combined with the existing settings. | |
Propagate permissions to dependent objects | (Boolean). Specifies whether the access permissions defined for the asset instance is automatically propagated to all dependent objects. For example, a Service asset can refer to a WSDL which in turn can refer to one or more XML Schema assets, and when you set this parameter to yes, changes in the access permissions in the Service asset is propagated to all of these dependent assets. |