18.3. ACI Structure

The aci attribute uses the following syntax:
(target_rule) (version 3.0; acl "ACL_name"; permission_rule bind_rules;)

Note

The permission and the bind rule pair are called an access control rule.
To efficiently set multiple access controls for a given target, you can set multiple access control rules for each target:
(target_rule)(version 3.0; acl "ACL_name"; permission_rule bind_rules; permission_rule bind_rules; ... ;)