Actions on security items
The following tables show the actions that users or groups with standard roles can perform on the different item types, for each HCL Universal Orchestrator task. See in parenthesis the corresponding actions and items values that you must use when defining role-based security with the Orchestration CLI.
| Design and Monitor Workload | |
|---|---|
| Actions that users or groups can perform | Security item types |
|
List (list) Display (display) Create (add) Delete (delete) Modify (modify) Use (use) Unlock (unlock) Actions on remote workstations while modeling jobs (cpu-run) Note: See in parenthesis the corresponding actions and items values that you
must use when defining role-based security with the Orchestration CLI.
|
Jobs Job Streams Credentials Calendars Variable Tables Folders |
| Modify current plan |
|---|
| Actions that users or groups can perform on the plan |
|
Add job stream dependency (schedule - adddep) Add job dependency (job - adddep) Remove job dependency (job - deldep) Remove job stream dependency (schedule - deldep) Cancel job (job - cancel) Cancel job stream (schedule - cancel) Rerun job (job - rerun) Confirm job (job - confirm) Release job (job - release) Release job stream (schedule - release) Kill jobs (job - kill) Note: See in parenthesis the corresponding actions and items values that you
must use when defining role-based security with the Orchestration CLI.
|
| Submit Workload |
|---|
| Workload definitions that can be added to the plan |
|
Only existing job definitions (job - submitdb) Existing jobs definitions and ad hoc jobs (job - submit) Existing job stream definitions (schedule - submit) Note: See in parenthesis the corresponding actions and items values that you
must use when defining role-based security with the Orchestration CLI.
|
| Manage Workload Environment |
|---|
| Actions that users or groups can perform on workstations |
|
List workstations (cpu - list) Display workstation details (cpu - display) Create workstations (cpu - add) Delete workstations (cpu - delete) Modify workstations (cpu - modify) Use workstations (cpu - use) Unlock workstations (cpu - unlock) Shutdown (cpu - shutdown) Use 'console' command from conman (cpu - console) Upgrade workstation (cpu - manage) Note: See in parenthesis the corresponding actions and items values that you
must use when defining role-based security with the Orchestration CLI.
|
| Administrative Tasks |
|---|
| Administrative tasks that users or groups can perform |
|
Delegate security on folders (folder - acl) Note: See in parenthesis the corresponding action and item values that you
must use when defining role-based security with the Orchestration CLI.
|
The following table shows the actions that users or groups with administrative roles can perform on the different item types, for each HCL Universal Orchestrator task. See in parenthesis the corresponding actions and items values that you must use when defining role-based security with Orchestration CLI.
| Administrative tasks |
|---|
| Administrative tasks that users or groups can perform |
|
API Keys Administrator (securityrole ADMIN - DELETEALLAPIKEYS, LISTALLAPIKEYS) Delete all API keys (securityrole ADMIN - DELETEALLAPIKEYS) List all API keys (securityrole ADMIN - LISTALLAPIKEYS) Register agent (securityrole ADMIN - REGISTERAGENT) Create personal API Key ((securityrole ADMIN - CREATEPERSONALAPIKEY) Create service API Key ((securityrole ADMIN - CREATESERVICEAPIKEY) Note: See in parenthesis the corresponding actions and items values that you
must use when defining role-based security with the Orchestration CLI.
|