Creating a proxy user

Edit online

A proxy user enables connectivity to subsystems on both local and remote sysplexes, and can submit jobs on behalf of a logged-in user. Proxy users must be configured as certificate-based service users, meaning they do not require a password and are authenticated through certificates.

Before you begin

  • In Db2® CI/CD Expert, when DDL protection is enabled, a logged-in user who wants to use a proxy user for any action must have READ access to the SAF profile izp.proxy.certowner.certname.certllabel.
  • You can define a SAF check if a user is authorized to use the certificate credential specified in the proxy user by setting the components.izp.security.checkProxyUserAccess parameter to true. For more information, refer to Parameters in ZWEYAML.
  • A proxy user is requested directly in continuous deployment (CD) operations and indirectly by the associated Team in certain continuous integration (CI) operations (for example, merging a pull request).

Procedure

To create a proxy user, complete the following steps:
  1. Click the navigation menu and select Manage general > Proxy users.
  2. Click Register proxy user.
  3. On the Register proxy user page, provide the required field values:
    Name
    Specify a unique name for the proxy user.
    Note: Only uppercase alphanumeric (A-Z, 0-9) characters that begin with an alphabet character are allowed. It can have a maximum size of 32 bytes.
    Keyring owner
    Specify the user ID of the owner of the key ring.
    Note: Only uppercase alphanumeric (A-Z, 0-9) characters that begin with an alphabet character are allowed.
    Keyring name
    Specify the name of the key ring.
    Note: Only alphanumeric (A-Z, a-z, 0-9) characters are allowed.
    Certificate label
    Specify the label of the certificate connected to the key ring.
    Note: Only alphanumeric (A-Z, a-z, 0-9) characters are allowed.
    Keystore type
    Specify the keystore type of the key ring. The supported keystore types are:
    • (Software) JCERACFKS
    • (Hardware) JCECCARACFKS
  4. Click Register.

Results

A proxy user is created successfully and will appear in the Default proxy user drop-down list of the Creating teams page and Select proxy user drop-down list of the Register sysplex page.