RESOURCE authorities are used to designate what type of maintenance a Security Administrator can perform on resources. There are six operands that can be specified with the RESOURCE keyword:
Allows the designated administrator to define, move, and remove resource ownership
Allows the designated administrator to PERMIT or REVOKE resource access. The access levels must also be specified. For example:
TSS ADM(FINVCA) RES(XAUTH) ACCE(READ,FETCH)
only allows FINVCA to PERMIT an access level of READ or FETCH for the ACIDs within his scope
Allows the designated administrator to issue TSS WHOHAS and TSS WHOOWNS for resources
Allows the designated administrator to ADD or REMOVE resources from the AUDIT record
Allows the designated administrator to use BATCH reporting utilities for resources (see the “Monitoring Your Security Environment” chapter for a discussion of report running)
Allows the designated administrator to perform all of the above functions
The keyword, RESOURCE, applies to all resources. If you only wish to indicate a specific resource, substitute that resource class name. For example, the following gives FINVCA the authority to perform WHOOWNS and WHOHAS inquiries for any type of resource:
TSS ADMIN(FINVCA) RESOURCE(INFO)
The following example gives RESVCA the same type of authority-but only for the program resource class.
TSS ADMIN(RESVCA) PGM(INFO)
Note: In addition to specifying RESOURCE, you must also specify a particular ACCESS level, if that applies, otherwise the default is READ. For example:
TSS ADMIN(RESVCA) DSN(OWN) ACCE(CREATE,UPDATE)
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|