RACF network resource operations
The RACF network resource update operation (NRUP) allows changes to ACLs to programs and dataset. This requires:
RACF security products that support resource access lists.
Bravura Security Fabric 6.2.1 or higher.
Mainframe Connector 7.0.2 or higher
The operation parameter (resourcetype) is the resource class (for example, DATASET, FACILITY, PROGRAM). The operation parameter (resourceaddress) is the resource class profile.
The following account attributes can be mapped to a request-only attribute to set the flags on the network resource update:
ACL_ACCESS can be READ, DELETE, UPDATE, EXECUTE, CONTROL, ALTER, NONE, depending on the resource class.
ACL_GENERIC can be T or F. Only required if the class is a DATASET.
ACL_CONDITION maps to the WHEN condition for the PERMIT command.
Information on the PERMIT command can be found here:
http://publib.boulder.ibm.com/infocenter/zos/v1r12/topic/com.ibm.zos.r12.icha400/permit.htm#permit
To submit requests for network resources in Bravura Security Fabric 6.2.1 or higher, you must use the IDSYNCH REQUEST REWRITE PLUGIN to add the resources operations to the request.