Roles
Domain roles
- DomainAdministrator
- This role has authority to administer the domain. For example, users and groups that are assigned this role can start and stop the domain, create and start instances, change and view permissions, and change the configuration of the domain. They also have authority to administer instances in the domain.
- DomainUser
- This role has authority to use the domain. For example, users and groups that are assigned this role can view domain properties, list the resources in the domain, and get information about the state of the domain.
You can create more roles in your domain by using the streamtool mkdomainrole command. To assign these roles to groups or users, run the streamtool addgroupdomainrole or streamtool adduserdomainrole commands. Alternatively, you can use the Streams Console.
Instance roles
- InstanceAdministrator
- This role has authority to administer the instance. For example, users and groups that are assigned this role can start and stop the instance, change and view permissions, change the configuration of the instance, and submit and cancel jobs.
- InstanceUser
- This role has authority to use the instance. For example, users and groups that are assigned this role can view instance properties, list the resources in the instance, and submit jobs. They can also perform the following tasks for jobs that they submitted: list the jobs, list the processing elements, cancel the jobs, and stop and restart processing elements.
You can create more roles in your instances by using the streamtool mkrole command. To assign these roles to groups or users, run the streamtool addgrouprole or streamtool adduserrole commands. Alternatively, you can use the Streams Console.
You can use roles to secure domain and instance objects by setting the permissions for the role in the InfoSphere® Streams access control list (ACL). For more information about granting permissions to roles, see Viewing and configuring ACL settings for InfoSphere Streams domains and instances.