Previous Topic: RESOURCE Keyword—Global Resource Class Administration AuthorityNext Topic: RESOWNER Keyword—Maintain SMS ACID


RESOURCE Keyword—Individual Resource Class Administration Authority

Valid on z/OS, z/VSE, and z/VM.

Use the resource keyword to grant administrative authority for a specific resource class to an individual administrator.

This keyword has the following format:

TSS ADMIN(acid) resource(authority-level(s))
resource

The specific resource class RESCLASS from the RDT.

This keyword can be used with:

More information:

RESOURCE Keyword—Global Resource Class Administration Authority

RESOURCE Authority Levels

The CA Top Secret administrator may specify one or more of the following authority levels:

ALL

Gives the named "ACID" any of the authorities listed above.

AUDIT

Gives the named "acid" the ability to ADDTO or REMOVE any resource prefixes from the Audit Record. For details, see the Auditor's Guide.

INFO

Gives the named "ACID" the ability to employ WHOOWNS and WHOHAS for any resource.

OWN

Gives the named "ACID" the administrative authority to ADDTO or REMOVE resources for acids under its scope of control.

REPORT

Gives the named "ACID" the ability to obtain reports for all resources by employing the utilities TSSUTIL, TSSAUDIT, TSSCPR, and TSSCHART.

XAUTH

Gives the named "ACID" the administrative authority to PERMIT or REVOKE resources for acids under its scope of control.

Access Levels

When granting XAUTH authority to the named “ACID,” the administrator may limit the access levels which the named “ACID” can PERMIT.

DEFAULT

If the ADMIN command does not specify an ACCESS clause, the named "ACID" of the command is not allowed to specify an ACCESS keyword in PERMIT commands. As a result, all PERMIT commands issued by the named "ACID" will default to the DEFACC access‑level defined in the RDT

ALL

Named "ACID" may permit any resource at any access level.

CONTROL

Named "ACID" may permit any resource at the access level CONTROL.

CREATE

Named "ACID" may permit any resource at the access level CREATE.

DELETE

Named "ACID" may permit any resource at the access level DELETE.

FEOV

Named "ACID" may permit any resource at the access level FEOV.

FETCH

Named "ACID" may permit any resource at the access level FETCH.

NONE

Named "ACID" may permit any resource at the access level NONE.

PURGE

Named "ACID" may permit any resource at the access level PURGE.

READ

Named "ACID" may permit any resource at the access level READ.

REPLACE

Named "ACID" may permit any resource at the access level REPLACE.

SCRATCH

Named "ACID" may permit any resource at the access level SCRATCH.

UPDATE

Named "ACID" may permit any resource at the access level UPDATE.

WRITE

Named "ACID" may permit any resource at the access level WRITE.

Note: The ACLST of the resource class definition in the RDT governs the appropriate use of ACCESS levels in PERMIT commands for individual resources.

More information:

ACLST Keyword—Resource Access Level

Example: resource Keyword

This example allows the RESADM ACID to permit READ access to DATASET resources for ACIDs when both the ACID and the DATASET are owned and within scope.

TSS ADMIN(RESADM) DATASET(XAUTH)
                  ACCESS(READ)