Changes to Command Security

This topic lists the security changes to Z System Automation 4.2 commands and the required migration action.

The INGSCHED command now supports resource level security. If INGSCHED resource security is enabled, the security administrator needs to grant UPDATE authorization for the resource or schedule before the operator can delete or replace the resource or schedule override. Meanwhile, the security administrator needs to verify that the existing permissions do not use wildcards that cover resource name AND type to avoid that a schedule name matches by accident.
The INGMDFY command's security profile has changed. If INGMDFY resource security is enabled, the security administrator needs to grant UPDATE or CONTROL authorization for the resource that the operator wants to modify. The caller no longer needs authorization for special resource _CONFIG.
The INGPAC command's security profile has changed. If INGPAC resource security is enabled, the security administrator needs to grant UPDATE authorization for the pacing gate the operator wants to modify. Existing profiles of pattern AGT.*.*.RES._MANAGER.PACING can be deleted.
The INGVARS command now supports resource level security. If INGVARS resource security is enabled, the security administrator needs to grant UPDATE or CONTROL authorization for the resource that the operator specifies in the INGVARS SET, DEL, or SWAP request.