Actions on security items

The following tables show the actions that users or groups with standard roles can perform on the different item types, for each HCL Universal Orchestrator task. See in parenthesis the corresponding actions and items values that you must use when defining role-based security with the Orchestration CLI.

Table 1. Actions that users or groups can perform when designing and monitoring the workload

Design and Monitor Workload
Actions that users or groups can perform Security item types

List (list)

Display (display)

Create (add)

Delete (delete)

Modify (modify)

Use (use)

Unlock (unlock)

Actions on remote workstations while modeling jobs (cpu-run)

Note: See in parenthesis the corresponding actions and items values that you must use when defining role-based security with the Orchestration CLI.

Jobs

Job Streams

Credentials

Calendars

Variable Tables

Folders

Table 2. Actions that users or groups can perform when modifying current plan
Modify current plan
Actions that users or groups can perform on the plan

Add job stream dependency (schedule - adddep)

Add job dependency (job - adddep)

Remove job dependency (job - deldep)

Remove job stream dependency (schedule - deldep)

Cancel job (job - cancel)

Cancel job stream (schedule - cancel)

Rerun job (job - rerun)

Confirm job (job - confirm)

Release job (job - release)

Release job stream (schedule - release)

Kill jobs (job - kill)

Note: See in parenthesis the corresponding actions and items values that you must use when defining role-based security with the Orchestration CLI.
Table 3. Actions that users or groups can perform when submitting workload
Submit Workload
Workload definitions that can be added to the plan

Only existing job definitions (job - submitdb)

Existing jobs definitions and ad hoc jobs (job - submit)

Existing job stream definitions (schedule - submit)

Note: See in parenthesis the corresponding actions and items values that you must use when defining role-based security with the Orchestration CLI.
Table 4. Actions that users or groups can perform when managing the workload environment
Manage Workload Environment
Actions that users or groups can perform on workstations

List workstations (cpu - list)

Display workstation details (cpu - display)

Create workstations (cpu - add)

Delete workstations (cpu - delete)

Modify workstations (cpu - modify)

Use workstations (cpu - use)

Unlock workstations (cpu - unlock)

Shutdown (cpu - shutdown)

Use 'console' command from conman (cpu - console)

Upgrade workstation (cpu - manage)

Note: See in parenthesis the corresponding actions and items values that you must use when defining role-based security with the Orchestration CLI.

Table 5. Administrative tasks that users or groups can perform
Administrative Tasks
Administrative tasks that users or groups can perform

Delegate security on folders (folder - acl)

Note: See in parenthesis the corresponding action and item values that you must use when defining role-based security with the Orchestration CLI.

The following table shows the actions that users or groups with administrative roles can perform on the different item types, for each HCL Universal Orchestrator task. See in parenthesis the corresponding actions and items values that you must use when defining role-based security with Orchestration CLI.

Table 6. Administrative tasks that users or groups can perform
Administrative tasks
Administrative tasks that users or groups can perform

API Keys Administrator (securityrole ADMIN - DELETEALLAPIKEYS, LISTALLAPIKEYS)

Delete all API keys (securityrole ADMIN - DELETEALLAPIKEYS)

List all API keys (securityrole ADMIN - LISTALLAPIKEYS)

Register agent (securityrole ADMIN - REGISTERAGENT)

Create personal API Key ((securityrole ADMIN - CREATEPERSONALAPIKEY)

Create service API Key ((securityrole ADMIN - CREATESERVICEAPIKEY)

Note: See in parenthesis the corresponding actions and items values that you must use when defining role-based security with the Orchestration CLI.