Authorizing Runtime Actions with CA EEM

Administer Advanced CA EEM Security › Authorizing Runtime Actions with CA EEM

Authorizing Runtime Actions with CA EEM

CA Process Automation provides fine-grained access control on operations and user actions on specific automation objects such as processes, datasets, calendars, and schedules. Control includes traditional read/write rights and rights to launch a process and monitor its instances. Access rights are enforced at all external interfaces, including the CA Process Automation UI and Web services. In addition, CA Process Automation provides ways to secure operations on target hosts so that only authorized users can execute them.

To limit who can perform any of the following runtime actions, create a CA EEM policy and specify the users or group to authorize.

Execute scripts or programs within operators derived from specified categories that target specified touchpoints in a specified environment.
Control a schedule, including activate and deactivate.
Inspect or modify a dataset.
Control a process instance, including suspend, restart, resume and abort.
Control a resource, including lock, unlock, take, return, or add a variable to a resource. Add or remove a resource unit.
Dequeue or start a start request form.

Additionally, you can create a policy that authorizes read/write rights on any other automation object.

More information:

Permissions on Automation Objects

Permissions Dependencies

Filters for Permissions