Is role based security required for setup of z/osmf?
The only guide I could find was role based and not UID based
Are cloud rules required for the setup?
Release : 16.0
Component : ACF2 for z/OS
Although the documentation and the sample jcl all reference ROLE based security, it is not a REQUIREMENT.
If you do not want to write roleset rules, you can convert them to UID rulesets.
for example..
SET RESOURCE(ZMC)
RECKEY IZUDFLT ADD(ZOSMF.RESOURCE_POOL.WLM.IYU0 ROLE(IYU0RPAW) -
SERVICE(READ) ALLOW)
the TYPE(ZMC) rule can be created as a uid ruleset after ascertaining which users
would be included in ROLE IYU0RPAW.
if that would be user01, user02 and user03 the rule could be written as
SET RESOURCE(ZMC)
RECKEY IZUDFLT ADD(ZOSMF.RESOURCE_POOL.WLM.IYU0 UID(<user01>) -
SERVICE(READ) ALLOW)
RECKEY IZUDFLT ADD(ZOSMF.RESOURCE_POOL.WLM.IYU0 UID(<user02>) -
SERVICE(READ) ALLOW)
RECKEY IZUDFLT ADD(ZOSMF.RESOURCE_POOL.WLM.IYU0 UID(<user03>) -
SERVICE(READ) ALLOW)
END
What you would need to do is assign all users that would be associated with each group/role and then change
the rules to be UIDs instead of specifying the role.
I believe that cloud is required for v2r3 or above.
I would suggest that you start with member ACFMFSEC in CAX1JCL0
and then you can add other components as required.