AE - Secure Environment By Blocking The Root User

Document ID : KB000117679
Last Modified Date : 18/10/2018
Show Technical Document Details
Question:
The goal is to secure the Workload Automation AE environment such that the root user cannot create any jobs and no one can create jobs with the job owner set to root.  
Environment:
Product - Workload Automation AE 11.3.x
Product - Embedded Entitlements Manager 12.x
Platform - Unix/Linux
 
Answer:
Create a WorkloadAutomationAE deny policy for as-job where the identity is set to root and the resource is [All Resources].  
Create a WorkloadAutomationAE deny policy for as-owner where the identity set to [All Identities] and the resource set to root*