Although the documentation and the sample jcl all reference ROLE based security, it is not a REQUIREMENT.
If you do not want to write roleset rules, you can convert them to UID rulesets.
RECKEY IZUDFLT ADD(ZOSMF.RESOURCE_POOL.WLM.IYU0 ROLE(IYU0RPAW) -
the TYPE(ZMC) rule can be created as a uid ruleset after ascertaining which users
would be included in ROLE IYU0RPAW.
if that would be user01, user02 and user03 the rule could be written as
RECKEY IZUDFLT ADD(ZOSMF.RESOURCE_POOL.WLM.IYU0 UID(<user01>) -
RECKEY IZUDFLT ADD(ZOSMF.RESOURCE_POOL.WLM.IYU0 UID(<user02>) -
RECKEY IZUDFLT ADD(ZOSMF.RESOURCE_POOL.WLM.IYU0 UID(<user03>) -
What you would need to do is assign all users that would be associated with each group/role and then change
the rules to be UIDs instead of specifying the role.
I believe that cloud is required for v2r3 or above.
I would suggest that you start with member ACFMFSEC in CAX1JCL0
and then you can add other components as required.