Managing security roles
About this task
A security role represents a certain level of authorization and includes the set of actions that users or groups can perform on a set of object types.
For the list of actions that users or groups can perform on the different objects, for each HCL Workload Automation task, see Actions on security objects.
- A full access definition for the user who installed the product, TWS_user with the default
security role assigned named
FULLCONTROL
. - An access definition for the system administrator, root on UNIX or Administrator on Windows.
Create new role
About this task
To create a new security role from the Dynamic Workload Console, complete the following procedure:
Procedure
- From the navigation toolbar, click Administration.
-
In the Security select Manage Workload
Security.
The Manage Workload Security panel opens.
- From the drop-down list, select the HCL Workload Automation engine on which you want to manage security settings.
-
In the Roles section, click Create new role.
The Create Role panel opens.
- Enter the name of the security role that you are creating and, optionally, the role description.
- For each of the HCL Workload Automation tasks, assign the level of access for performing certain actions on specific object types to the security role. You can assign a predefined or a custom level of access.
- Click Show Details to see the permissions associated to a predefined level of access, or to define your custom level of access. Tooltips are available to explain what a certain permission means for a particular object type.
- Click View to see the mapping between the set of permissions that you are assigning and the corresponding set of permissions in the classic security model.
- Click Save to save the security role definition in the database.
- Click Save and Exit to save the security role definition in the database and return to the Manage Workload Security panel.
Results
The security role has now been added to the database. If the optman enRoleBasedSecurityFileCreation global option is set to yes, the security role is activated in your security file.
Manage roles
About this task
From Manage Workload Security, you can also remove, edit, and duplicate existing roles.
Procedure
-
In the Roles section of the Manage Workload Security panel, click Manage
roles.
The list of the available security roles is displayed.
- Select the security roles that you want to manage.
- Select the action that you want to run on the selected roles.