What is required for the security class ZMFCLOUD that must be active when you configure IBM Cloud Provisioning and Management for z/OS?
search cancel

What is required for the security class ZMFCLOUD that must be active when you configure IBM Cloud Provisioning and Management for z/OS?

book

Article ID: 14157

calendar_today

Updated On:

Products

ACF2 ACF2 - DB2 Option ACF2 for zVM ACF2 - z/OS ACF2 - MISC PanApt PanAudit

Issue/Introduction

What is required for the security class ZMFCLOUD that must be active when you configure IBM Cloud Provisioning and Management for z/OS?

Environment

Release:
Component: ACF2MS

Resolution

With ACF2 all resource classes are protected by default. If there is no GSO CLASMAP definition for ZMFCLOUD the ACF2 Resource TYPE code will default to the first three characters of the Resource Class. So for Resource Class ZMFCLOUD the default TYPE code would be ZMF. 

Sample Rules for IBM Cloud Provisioning and Management for z/OS security authorizations for the default domain and default tenant.

Grant the landlord group read access to the landlord profile.

ACF
SET RESOURCE(ZMF)
RECKEY IZUDFLT ADD( OSMF.PROVISIONING.RESOURCE_MANAGEMENT.IYU -
UID(uid string for IYU) SERVICE(READ) ALLOW)

Grant the WLM administrator group read access to the WLM administrator profile.

ACF
SET RESOURCE(ZMF)
RECKEY IZUDFLT ADD( ZOSMF.RESOURCE_POOL.WLM.IYU0 -
 UID(UID STRING FOR IYU0RPAW) SERVICE(READ) ALLOW) 

Grant the network administrator group read access to the network administrator profile.

ACF
SET RESOURCE(ZMF)
RECKEY IZUDFLT ADD( ZOSMF.RESOURCE_POOL.NETWORK.IYU0 -
UID(UID STRING FOR IYU0RPAN) SERVICE(READ) ALLOW)    

 

Powered by Wolken Software