Managing security roles from the Orchestration CLI

In this topic you can find the syntax to create a security role.

About this task

A security role represents a certain level of authorization and includes the set of actions that users or groups can perform on a set of item types.

Create new security role

About this task

You can create standard or administrative security roles from the Orchestration CLI.

To create a new standard security role, use the following syntax:
$securityrole
SECURITYROLE STANDARD

       DESCRIPTION "This is securityRole #1"
       RESOURCE_1 ACTIONS...

       RESOURCE_2 ACTIONS...
END

Resources: [JOB, JOBSTREAM, CPU, CALENDAR, CREDENTIALS, VARTABLE, FOLDER]

Actions: [ADD, MODIFY, UNLOCK, USE, DISPLAY, LIST, DELETE, LIMIT, RUN, CONSOLE, START, LINK, MANAGE, STOP, UNLINK, FENCE, SHUTDOWN, ACL, CANCEL, DELDEP, SUBMIT, RELEASE, ALTPRI, ADDDEP, KILL, RERUN, CONFIRM, SUBMITDB]
To create a new administrative security role, use the following syntax:
$securityrole
SECURITYROLE ADMINSECROLE
      DESCRIPTION "Admin Security Role"
      ADMIN LISTALLAPIKEYS, DELETEALLAPIKEYS, CREATEPERSONALAPIKEY, CREATESERVICEAPIKEY, REGISTERAGENT
END

Resources: [ADMIN]

Actions: [LISTALLAPIKEYS, DELETEALLAPIKEYS, CREATEPERSONALAPIKEY, CREATESERVICEAPIKEY, REGISTERAGENT]

Actions are role specific, and can be assigned either to administrative or standard roles.

For more information about actions available for each security item, see Actions on security items.

Results

The security role has now been added to the database.