MD Command Security
Option 6 from the MDSEC Main Menu gives the user access to provide or revoke permissions to users in order to execute specific MD commands that cause updates to MDCMS data or deployments.
When the program called by a command in this list is invoked, this table is checked to see if the job user is entitled to execute the command. If not, the program will terminate and the log entry for the command, if applicable, will be updated to reflect that the job user is not authorized.
When the command is invoked via a corresponding REST API, the user that is checked is the user that owns the Token. Tokens are generated in MDSEC option API Tokens.
A user can make changes to command permissions from this screen if they are registered with MDSEC Edit Authority in MDSEC.
Use option U to view/modify the list of users permitted to execute a particular command.
User Special Values
| Value | Description |
|---|---|
*ALL | any user on the system (including users not registered in MDSEC) can execute the command |
*ALLSEC | any user that is registered in MDSEC and has been granted authority to the function carried out by the command (recommended) |
*NONE | no user may execute the command |