Engine workload security scenario

Create a new custom role with specific engine security access and add users or groups to it.

About this task

Stobbard & Co is a worldwide shipping company that uses HCL Universal Orchestrator to automate their business processes. The company has recently hired a new employee to help monitor their automated workload. As a system administrator, you need to create a custom role to limit their access to specific functions of the HCL Universal Orchestrator on a specific engine. The new employee's username in the system is mark.ramirez. The new custom role is called Operator_Monitoring_Engine and can only perform actions on the plan.

Procedure

  1. In the Administration menu, go to Manage workload security.
  2. In the Roles section of the page, click Create new roles.
  3. Name the custom role Operator_Monitoring_Engine and add a short description.
  4. Select Role type standard.
  5. In the Design and Monitor Workload section, select Custom, and then select List and view details for:
    • Jobs
    • Job streams
    • Folder
    • Credentials
    Note: To make specific items visible for the role you are creating on the Dynamic Workload Console, you need to select List or List and view details in the Design and Monitor Workload section.
  6. In the Modify plan section select Yes.
  7. Save and exit.
  8. In the Access Control List section of the page, go to Give access to users or groups.
  9. Select the mark.ramirez from the Username dropdown list.
  10. Select the Standard Role type.
  11. Select Operator_Monitoring_Engine from the Role dropdown menu
  12. Select the Folder that mark.ramirez needs to monitor with the role Operator_Monitoring_Engine.

Results

You have successfully assigned an engine security role to the new employee, defining which actions they can perform on a specific engine either from the Dynamic Workload Console or from Orchestration CLI.