Setting up RACF® authorization
About this task
Before HCL Workload Automation for Z executes any your request, a security verification check is passed to the System Authorization Facility (SAF) to ensure that you are authorized to access all the resources required to perform the request. You can use fixed resources and subresources to protect HCL Workload Automation for Z functions and data. When a console user requires a report, fixed resources (RP) are checked. Subresources (RP.REPTYPE) are checked only if they are defined in the AUTHDEF statement, for this reason you are required to add subresource RP.RETYPE in the AUTHDEF statement.
Allowed
report types are RUNSTATS, RUNHIST, WWR, WWS, and SQL. Define these
reports to RACF® with the following
command:
RDEF ibmopc RPT.reptype UACC(read)Then
authorize the reports to RACF® with
the following command:
PE RPT.reptype ID(userid) ACCESS(read) CLASS(ibmopc)For detailed information about how to protect resources through RACF®, refer to the Customization and Tuning manual.