The goal is to secure the Workload Automation AE environment such that the root user cannot create any jobs and no one can create jobs with the job owner set to root.
Product - Workload Automation AE 11.3.x
Product - Embedded Entitlements Manager 12.x
Platform - Unix/Linux
Create a WorkloadAutomationAE deny policy for as-job where the identity is set to root and the resource is [All Resources].
Create a WorkloadAutomationAE deny policy for as-owner where the identity set to [All Identities] and the resource set to root*