Access Control List

Access Control Lists (ACLs) define the permissions for users or groups on specific metadata objects. They are key-value pairs where they key is the User ID or Group ID, and the value is a permission set.

Access Control Entry Properties

Field	Type	Description	Example
`granted`	Integer	Bitmask that represents the granted permissions. Use `1` for Read access, `2` for Write access, and `255` for Full Control.	`255`
`denied`	Integer	Bitmask that represents explicitly denied permissions.	`0`
`inheritable`	Boolean	This field is specific to folders. If the value is true, new objects created under this folder will inherit the ACL.	`[ { name: "Month" } ]`

Common Permission Bitmasks

Bitmask	Permission
`1`	Browse
`2`	Use Execute
`4`	Read
`8`	Write
`16`	Delete
`32`	Control
`64`	Use
`128`	Execute
`255`	Full Control

Example

See the following ACL file example:

Copy

acl:
  "294DEDC011D2F1D56000D98E67019608": # Example Group ID (Public)
    granted: 1
    denied: 0
    inheritable: false
  "37DECDD94EAA4A2AF3C7A6B17080DADF": # Example User ID (Administrator)
    granted: 255
    denied: 0
    inheritable: true