Cisco Cisco Process Orchestrator 3.0 Guida Utente

As a Process Orchestrator administrator, you can limit users access to only a subset of Process 
Orchestrator processes or limit a whole group to read-only access for specific objects. For example, the 
Process Orchestrator administrator can configure members of the Accounting Process Authors group 
with the ability to only create, delete, modify or schedule processes in the Accounting category and can 
only act on targets that represent the accounting services. However, those members of that group will not 
be allowed to view or modify any other processes or targets in Process Orchestrator.

Using the Security view, you can determine what Process Orchestrator objects users are allowed to view, 
create, or modify. 

If the user has permissions to view (or edit) only a subset of Process Orchestrator objects, when the 
Process Orchestrator user interfaces (Console, CLI, or Web Service) display Process Orchestrator 
objects to the user, the display will only show those objects that the user has permissions to view or 
modify.

When the user does not have sufficient permissions in Process Orchestrator to perform an operation and 
attempts to perform that operation, Process Orchestrator will generate an error, as well as log an audit 
failure event to the event log.