You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/hpc-cache/access-policies.md
+6-8Lines changed: 6 additions & 8 deletions
Original file line number
Diff line number
Diff line change
@@ -4,7 +4,7 @@ description: How to create and apply custom access policies to limit client acce
4
4
author: ekpgh
5
5
ms.service: hpc-cache
6
6
ms.topic: how-to
7
-
ms.date: 12/17/2020
7
+
ms.date: 12/22/2020
8
8
ms.author: v-erkel
9
9
---
10
10
@@ -24,14 +24,14 @@ If you don't need fine-grained control over storage target access, you can use t
24
24
25
25
Use the **Client access policies** page in the Azure portal to create and manage policies. <!-- is there AZ CLI for this? -->
26
26
27
-
<!--  -->
28
-
29
-
[](media/policies-overview-draft.png#lightbox)
27
+
[](media/policies-overview.png#lightbox)
30
28
31
29
Each policy is made up of rules. The rules are applied to hosts in order from the smallest scope (host) to the largest (default). The first rule that matches is applied and later rules are ignored.
32
30
33
31
To create a new access policy, click the **+ Add access policy** button at the top of the list. Give the new access policy a name, and enter at least one rule.
34
32
33
+

34
+
35
35
The rest of this section explains the values you can use in rules.
36
36
37
37
### Scope
@@ -60,11 +60,11 @@ Specify the IP address or range of addresses for this rule. Use CIDR notation (e
60
60
61
61
Set what privileges to grant the clients that match the scope and filter.
62
62
63
-
Options are read/write, read-only, or none.
63
+
Options are **read/write**, **read-only**, or **no access**.
64
64
65
65
### SUID
66
66
67
-
Check the SUID box to allow files in storage to set user IDs upon access.
67
+
Check the **SUID** box to allow files in storage to set user IDs upon access.
68
68
69
69
SUID typically is used to increase a user’s privileges temporarily so that the user can accomplish a task related to that file.
70
70
@@ -86,8 +86,6 @@ If you turn on root squash, you must also set the anonymous ID user value to one
86
86
***65535** (no access)
87
87
***0** (unprivileged root)
88
88
89
-

90
-
91
89
## Next steps
92
90
93
91
* Apply access policies in the namespace paths for your storage targets. Read [Set up the aggregated namespace](add-namespace-paths.md) to learn how.
0 commit comments