WORKLOAD AUTOMATION COMMUNITY
  • Home
  • Blogs
  • Forum
  • Resources
  • Events
    • IWA 9.5 Roadshows
  • About
  • Contact
  • What's new

How to protect actions and command in Workload Scheduler for z/OS

8/23/2017

2 Comments

 
Picture
Workload Scheduler allows now to protect not only its resources like Applications, Special resources, Jobs or all the objects present in the Current Plan or in the Database, but also actions and commands.

For example, the Workload Scheduler execution information are stored in a VSAM file called  Current Plan. The execution workflows are defined through Applications including Operations (jobs), Dependencies and other resources. Currently an WSz user can either have READ or UPDATE access to the Current plan. A user with UPDATE access can add new workload, edit occurrences, restart jobs, hold, nop, un-nop, release jobs and many other actions and commands.
With the enhancement provided in the Security feature it is possible to address to implement different access levels (actions, commands) based on the User role. So now you can easily address scenarios like the following:
Allow the System Administrator to:
  • authorize the Scheduler to add operations to the Current Plan, but preventing him from adding new occurrences.
  • authorize the application developer to perform a recovery action, but to prevent her from editing a job.
  • authorize Jason, the scheduler, to Complete and Rerun an existing occurrence, but to prevent him from adding new occurrences.

​How to implement?
The old instrument of AUTHDEF parameter with its SUBRESOURCES has been extended with the addition of new subresources. So the implementation steps are still two: 
Picture





Communicate to the WSz controller which resources you want to control. You do this through the AUTHDEF parameter.
Picture





​Associate users to the resource to be authorized or denied.

​For example, if you have RACF as SAF product: 
Picture
Using the new subresources you can implement scenarios like those described above.  
Picture
Picture
The previous example shows how you can create more User Profiles that group several commands so that a number of users, with similar profiles, can be associated to a certain COMMANDx. 

​The new subresources, available to authorize specific command actions on the CP occurrences and operations, are the following:
Picture
​…and the commands that can be grouped in each COMMANDx subresource are the following:
Picture
Note that both Occurrence and Operation commands can be specified in the same COMMANDx parameter.

Picture
Raffaella Viola
Software Engineer

Workload Automation for z/OS Development
2 Comments
Sreenath
9/26/2017 05:43:14 am

Hi Raffaella,

From which version(including the fix pls.) of WSz do we have this option ?

Reply
raffaella viola
9/26/2017 10:36:56 am

Hello,
this feature is available starting from IWSz 9.3 with the apar PI57531.
Regards,
Raffaella

Reply

Your comment will be posted after it is approved.


Leave a Reply.

    Archives

    March 2023
    February 2023
    January 2023
    December 2022
    September 2022
    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    February 2022
    January 2022
    December 2021
    October 2021
    September 2021
    August 2021
    July 2021
    June 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    January 2020
    December 2019
    November 2019
    October 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017

    Categories

    All
    Analytics
    Azure
    Business Applications
    Cloud
    Data Storage
    DevOps
    Monitoring & Reporting

    RSS Feed

www.hcltechsw.com
About HCL Software 
HCL Software is a division of HCL Technologies (HCL) that operates its primary software business. It develops, markets, sells, and supports over 20 product families in the areas of DevSecOps, Automation, Digital Solutions, Data Management, Marketing and Commerce, and Mainframes. HCL Software has offices and labs around the world to serve thousands of customers. Its mission is to drive ultimate customer success with their IT investments through relentless innovation of its products. For more information, To know more  please visit www.hcltechsw.com.  Copyright © 2019 HCL Technologies Limited
  • Home
  • Blogs
  • Forum
  • Resources
  • Events
    • IWA 9.5 Roadshows
  • About
  • Contact
  • What's new