Managing Workload Security
You can manage security settings in your environment both from the Orchestration CLI and the Dynamic Workload Console.
You can work with the following security items:
- Access control list
- Each access control list assigns security roles to users or groups, in a certain folder.
- Security roles
- Each role represents a certain level of authorization that defines the set of actions that users or groups can perform on a set of item types.
- Folders
- Each folder has its own level of authorization that defines the set of actions that users or groups can perform on each folder.
During the startup, HCL Universal Orchestrator creates a FULL_CONTROL standard role, which contains all the permissions for all the resources.
Four administrative roles are created as well. The following table lists the four
administrative roles with the related permissions:
Administrative role | Permissions |
---|---|
API_KEY_PERSONAL | CREATEPERSONALAPIKEY |
API_KEY_SERVICE | CREATESERVICEAPIKEY |
API_KEY_ADMINISTRATOR |
DELETEALLAPIKEYS LISTALLAPIKEYS |
REGISTER_AGENT | REGISTERAGENT |
Security setting can be managed both from the Orchestration CLI and the Dynamic Workload Console. You can find further
information in the following topics:
- Managing access control list
- Managing security roles