DBRC API security features
You might want to limit access to the RECON data set to certain users. With the DBRC API, you can give installation control to individual DBRC API requests that users might issue.
The following table lists the DBRC API requests and the resource profiles used by the security product to protect each request. The symbol * indicates a wildcard value.
| Function | Type | Parameter | Resource |
|---|---|---|---|
| STARTDBRC or STOPDBRC | N/A | No parameter specified | hlq.STDBRC This resource is used if no ssid is specified. |
| SSID=ssid | hlq.STDBRC.ssid For STARTDBRC, ssid is the optionally specified subsystem ID. For STOPDBRC, ssid is the subsystem ID specified on the STARTDBRC request. |
||
| RELBUF | N/A | N/A | N/A |
| QUERY | RECON | N/A | hlq.LIST.RECON |
| QUERY | DB | DBNAME=name | hlq.LIST.DB.name |
| DBNAME=name* | hlq.LIST.DB.ALL | ||
| DBLIST=dblist | hlq.LIST.DB.ALL | ||
| LOC=FIRST | NEXT | hlq.LIST.DB.ALL | ||
| QUERY | PART | DBNAME=name | hlq.LIST.DB.name |
| PARTNAME=name | hlq.LIST.DB.name | ||
| QUERY | DBDS | DBNAME=name | hlq.LIST.DBDS.name |
| GROUP=grpname | hlq.LIST.DBDS.grpname | ||
| QUERY | LOG | STARTIME | hlq.LIST.LOG.STARTIME |
| FROMTIME | TOTIME | hlq.LIST.LOG.ALL | ||
| QUERY | OLDS | SSID=ssid | ssid*| * | hlq.LIST.LOG.ALLOLDS |
| QUERY | SUBSYS | SSID=ssid | hlq.LIST.SUBSYS.ssid |
| SSID=ssid* | hlq.LIST.SUBSYS.ALL | ||
| SSID=* | hlq.LIST.SUBSYS.ALL | ||
| SSTYPE=ALL | hlq.LIST.SUBSYS.ALL | ||
| SSTYPE=BATCH | hlq.LIST.SUBSYS.BATCH | ||
| SSTYPE=ONLINE | hlq.LIST.SUBSYS.ONLINE | ||
| SSTYPE=DBRCAPI | hlq.LIST.SUBSYS.DBRCAPI | ||
| QUERY | BACKOUT | SSID=ssid | hlq.LIST.BKOUT.ssid |
| SSID=ssid* | hlq.LIST. BKOUT.ALL | ||
| SSID=* | hlq.LIST. BKOUT.ALL | ||
| QUERY | DBDSGROUP | GROUP=grpname | hlq.LIST.DBDSGRP.grpname |
| GROUP=*|grpname* | hlq.LIST.DBDSGRP.ALL | ||
| QUERY | DBGROUP | GROUP=grpname | hlq.LIST.DBDSGRP.grpname |
| GROUP=*|grpname* | hlq.LIST.DBDSGRP.ALL | ||
| QUERY | RECOVGROUP | GROUP=grpname | hlq.LIST.DBDSGRP.grpname |
| GROUP=*|grpname* | hlq.LIST.DBDSGRP.ALL | ||
| QUERY | CAGROUP | GROUP=grpname | hlq.LIST.CAGRP.grpname |
| GROUP=*|grpname* | hlq.LIST.CAGRP.ALL | ||
| QUERY | GSGROUP | GROUP=grpname | hlq.LIST.GSG.grpname |
| GROUP=*|grpname* | hlq.LIST.GSG.ALL | ||
| COMMAND | N/A | N/A | Use current command resources. |
| AUTH UNAUTH | N/A | AUTHLIST=list | hlq.AUTH.dbname Each dbname in the list is verified. |