Resource Traits
The following tables describes the resource segments and traits that are supported for add and alter operations, and returned by extract operations.
More information about RACF Keys can be found here.
See Data Types for more information about Data Types.
See Operators for more information about Operator usage.
base
| Trait | RACF Key | Data Types | Operators Allowed | Supported Operations |
"base:access_list" | aclcnt | repeat | N/A | "extract" |
"base:access_count" | aclacnt | uint | N/A | "extract" |
"base:access_type" | aclacs | string | N/A | "extract" |
"base:access_id" | aclid | string | N/A | "extract" |
"base:alter_access_count" | acsaltr | uint | N/A | "extract" |
"base:control_access_count" | acscntl | uint | N/A | "extract" |
"base:read_access_count" | acsread | uint | N/A | "extract" |
"base:update_access_count" | acsupdt | uint | N/A | "extract" |
"base:application_data" | appldata | string | "set"
"delete" | "add"
"alter" |
"base:audit_alter" | audaltr | string | "set" | "add"
"alter" |
"base:audit_control" | audcntl | string | "set" | "add"
"alter" |
"base:audit_none" | audnone | string | "set" | "add"
"alter" |
"base:audit_read" | audread | string | "set" | "add"
"alter" |
"base:audit_update" | audupdt | string | "set" | "add"
"alter" |
"base:security_category" | category | string | "set"
"add"
"remove" | "add"
"alter" |
"base:security_categories" | numctgy | repeat | N/A | "extract" |
"base:create_date" | creatdat | string | N/A | "extract" |
"base:installation_data" | data | string | "set"
"delete" | "add"
"alter" |
"base:model_profile_class" | fclass | string | "set" | "add" |
"base:model_profile_generic" | fgeneric | boolean | "set" | "add" |
"base:model_profile" | fprofile | string | "set" | "add" |
"base:model_profile_volume" | fvolume | string | "set" | "add" |
"base:global_audit_alter" | gaudaltr | string | "set" | "alter" |
"base:global_audit_control" | gaudcntl | string | "set" | "alter" |
"base:global_audit_none" | gaudnone | string | "set" | "alter" |
"base:global_audit_read" | gaudread | string | "set" | "alter" |
"base:global_audit_update" | gaudupdt | string | "set" | "alter" |
"base:is_generic" | generic | boolean | N/A | "extract" |
"base:last_change_date" | lchgdat | string | N/A | "extract" |
"base:level" | level | string | "set" | "add"
"alter" |
"base:last_reference_date" | lrefdat | string | N/A | "extract" |
"base:member_class_name" | member | string | "set"
"add"
"remove" | "add"
"alter" |
"base:member_class_names" | member | repeat | N/A | "extract" |
"base:notify_userid" | notify | string | "set"
"delete" | "add"
"alter" |
"base:owner" | owner | string | "set" | "add"
"alter" |
"base:auditing" | raudit | repeat | N/A | "extract" |
"base:global_auditing" | rgaudit | string | N/A | "extract" |
"base:security_label" | seclabel | string | "set"
"delete" | "add"
"alter" |
"base:security_level" | seclevel | string | "set"
"delete" | "add"
"alter" |
"base:single_data_set_tape_volume" | singldsn | boolean | "set"
"delete" | "add"
"alter" |
"base:time_zone" | timezone | string | "set"
"delete" | "add"
"alter" |
"base:tape_vtoc" | tvtoc | boolean | "set"
"delete" | "add"
"alter"
"extract" |
"base:universal_access" | uacc | string | "set" | "add"
"alter" |
"base:volume" | volume | string | "add"
"remove" | "alter" |
"base:volumes" | volcnt | repeat | N/A | "extract" |
"base:warn_on_insufficient_access" | warning | boolean | "set"
"delete" | "add"
"alter" |
"base:terminal_access_allowed_day" | whendays | string | "set" | "add"
"alter" |
"base:terminal_access_allowed_days" | whendyct | repeat | N/A | "extract" |
"base:terminal_access_allowed_time" | whentime | string | "set" | "add"
"alter" |
cdtinfo
| Trait | RACF Key | Data Types | Operators Allowed | Supported Operations |
"cdtinfo:case_allowed" | cdtcase | string | "set"
"delete" | "add"
"alter"
"extract" |
"cdtinfo:default_racroute_return_code" | cdtdftrc | string | "set"
"delete" | "add"
"alter"
"extract" |
"cdtinfo:valid_first_character" | cdtfirst | string | "set"
"delete" | "add"
"alter"
"extract" |
"cdtinfo:valid_first_characters" | cdtfirn | repeat | N/A | "extract" |
"cdtinfo:generic_profile_checking" | cdtgen | string | "set"
"delete" | "add"
"alter"
"extract" |
"cdtinfo:generic_profile_sharing" | cdtgenl | string | "set"
"delete" | "add"
"alter"
"extract" |
"cdtinfo:grouping_class_name" | cdtgroup | string | "set"
"delete" | "add"
"alter"
"extract" |
"cdtinfo:key_qualifiers" | cdtkeyql | string | "set"
"delete" | "add"
"alter"
"extract" |
"cdtinfo:manditory_access_control_processing" | cdtmac | string | "set"
"delete" | "add"
"alter"
"extract" |
"cdtinfo:max_length" | cdtmaxln | uint | "set"
"delete" | "add"
"alter"
"extract" |
"cdtinfo:max_length_entityx" | cdtmaxlx | uint | "set"
"delete" | "add"
"alter"
"extract" |
"cdtinfo:member_class_name" | cdtmembr | string | "set"
"delete" | "add"
"alter"
"extract" |
"cdtinfo:operations" | cdtoper | string | "set"
"delete" | "add"
"alter"
"extract" |
"cdtinfo:valid_other_character" | cdtother | string | "set"
"delete" | "add"
"alter"
"extract" |
"cdtinfo:valid_other_characters" | cdtothn | repeat | N/A | "extract" |
"cdtinfo:posit_number" | cdtposit | uint | "set"
"delete" | "add"
"alter"
"extract" |
"cdtinfo:profiles_allowed" | cdtprfal | string | "set"
"delete" | "add"
"alter"
"extract" |
"cdtinfo:raclist_allowed" | cdtracl | string | "set"
"delete" | "add"
"alter"
"extract" |
"cdtinfo:send_enf_signal_on_profile_creation" | cdtsigl | string | "set"
"delete" | "add"
"alter"
"extract" |
"cdtinfo:security_label_required" | cdtslreq | string | "set"
"delete" | "add"
"alter"
"extract" |
"cdtinfo:default_universal_access" | cdtuacc | string | "set"
"delete" | "add"
"alter"
"extract" |
cfdef
| Trait | RACF Key | Data Types | Operators Allowed | Supported Operations |
"cfdef:custom_field_data_type" | cfdtype | string | "set" | "add"
"extract" |
"cfdef:valid_first_characters" | cffirst | string | "set" | "add"
"alter"
"extract" |
"cfdef:help_text" | cfhelp | string | "set" | "add"
"alter"
"extract" |
"cfdef:list_heading_text" | cflist | string | "set" | "add"
"alter"
"extract" |
"cfdef:mixed_case_allowed" | cfmixed | string | "set" | "add"
"alter"
"extract" |
"cfdef:min_numeric_value" | cfmnval | uint | "set"
"delete" | "add"
"alter"
"extract" |
"cfdef:max_field_length" | cfmxlen | uint | "set" | "add"
"alter"
"extract" |
"cfdef:max_numeric_value" | cfmxval | uint | "set"
"delete" | "add"
"alter"
"extract" |
"cfdef:valid_other_characters" | cfother | string | "set" | "add"
"alter"
"extract" |
"cfdef:validation_rexx_exec" | cfvalrx | string | "set"
"delete" | "add"
"alter"
"extract" |
dlfdata
| Trait | RACF Key | Data Types | Operators Allowed | Supported Operations |
"dlfdata:job_name" | jobname | string | "set"
"add"
"remove"
"delete" | "add"
"alter"
"extract" |
"dlfdata:job_names" | jobnmcnt | repeat | N/A | "extract" |
"dlfdata:retain_object_after_use" | retain | boolean | "set"
"delete" | "add"
"alter"
"extract" |
eim
| Trait | RACF Key | Data Types | Operators Allowed | Supported Operations |
"eim:domain_distinguished_name" | domaindn | string | "set"
"delete" | "add"
"alter"
"extract" |
"eim:kerberos_registry" | kerbreg | string | "set"
"delete" | "add"
"alter"
"extract" |
"eim:local_registry" | localreg | string | "set"
"delete" | "add"
"alter"
"extract" |
"eim:options" | options | string | "set"
"delete" | "add"
"alter"
"extract" |
kerb
| Trait | RACF Key | Data Types | Operators Allowed | Supported Operations |
"kerb:validate_addresses" | chkaddrs | string | "set"
"delete" | "add"
"alter"
"extract" |
"kerb:default_ticket_life" | deftktlf | uint | "set"
"delete" | "add"
"alter"
"extract" |
"kerb:encryption_algorithm" | encrypt | string | "set"
"delete" | "add"
"alter"
"extract" |
"kerb:encryption_algorithms" | encryptn | repeat | N/A | "extract" |
"kerb:realm_name" | kerbname | string | "set"
"delete" | "add"
"alter"
"extract" |
"kerb:key_version" | keyvers | string | N/A | "extract" |
"kerb:max_ticket_life" | maxtktlf | uint | "set"
"delete" | "add"
"alter"
"extract" |
"kerb:min_ticket_life" | mintktlf | uint | "set"
"delete" | "add"
"alter"
"extract" |
"kerb:password" | password | string | "set"
"delete" | "add"
"alter" |
icsf
| Trait | RACF Key | Data Types | Operators Allowed | Supported Operations |
"icsf:certificate_label" | crtlbls | string | "set"
"add"
"remove"
"delete" | "add"
"alter"
"extract" |
"icsf:certificate_labels" | crtlblct | repeat | N/A | "extract" |
"icsf:exportable_public_keys" | export | string | "set"
"delete" | "add"
"alter"
"extract" |
"icsf:symmetric_export_public_key" | keylbls | string | "set"
"add"
"remove"
"delete" | "add"
"alter"
"extract" |
"icsf:symmetric_export_public_keys" | keylblct | repeat | N/A | "extract" |
"icsf:symmetric_cpacf_rewrap" | scpwrap | boolean | "set"
"delete" | "add"
"alter"
"extract" |
"icsf:symmetric_cpacf_rewrap_return" | scpret | boolean | "set"
"delete" | "add"
"alter"
"extract" |
"icsf:asymetric_key_usage" | usage | string | "set"
"delete" | "add"
"alter"
"extract" |
"icsf:key_usage_options" | usagect | repeat | N/A | "extract" |
ictx
| Trait | RACF Key | Data Types | Operators Allowed | Supported Operations |
"ictx:use_identity_map" | domap | boolean | "set"
"delete" | "add"
"alter"
"extract" |
"ictx:require_identity_mapping" | mapreq | boolean | "set"
"delete" | "add"
"alter"
"extract" |
"ictx:identity_map_timeout" | maptimeo | uint | "set"
"delete" | "add"
"alter"
"extract" |
"ictx:cache_application_provided_identity_map" | usemap | boolean | "set"
"delete" | "add"
"alter"
"extract" |
idtparms
| Trait | RACF Key | Data Types | Operators Allowed | Supported Operations |
"idtparms:signature_algorithm" | sigalg | string | "set"
"delete" | "add"
"alter"
"extract" |
"idtparms:identity_token_timeout" | idttimeo | uint | "set" | "add"
"alter"
"extract" |
"idtparms:use_for_any_application" | anyappl | string | "set"
"delete" | "add"
"alter"
"extract" |
jes
| Trait | RACF Key | Data Types | Operators Allowed | Supported Operations |
"jes:icsf_key_label" | keylabel | string | "set"
"delete" | "add"
"alter"
"extract" |
mfpolicy
| Trait | RACF Key | Data Types | Operators Allowed | Supported Operations |
"mfpolicy:factor" | factors | string | "set"
"add"
"remove"
"delete" | "add"
"alter"
"extract" |
"mfpolicy:factors" | factorsn | repeat | N/A | "extract" |
"mfpolicy:token_timeout" | timeout | uint | N/A | "extract" |
"mfpolicy:reuse_token" | reuse | boolean | "set"
"delete" | "add"
"alter"
"extract" |
proxy
| Trait | RACF Key | Data Types | Operators Allowed | Supported Operations |
"proxy:bind_distinguished_name" | binddn | string | "set"
"delete" | "add"
"alter"
"extract" |
"proxy:bind_password" | bindpw | string | "set"
"delete" | "add"
"alter" |
"proxy:ldap_host" | ldaphost | string | "set"
"delete" | "add"
"alter"
"extract" |
session
| Trait | RACF Key | Data Types | Operators Allowed | Supported Operations |
"session:security_checking_level" | convsec | string | "set"
"delete" | "add"
"alter"
"extract" |
"session:session_key_interval" | interval | uint | "set"
"delete" | "add"
"alter"
"extract" |
"session:locked" | lock | boolean | "set"
"delete" | "add"
"alter"
"extract" |
"session:session_key" | sesskey | string | "set"
"delete" | "add"
"alter"
"extract" |
sigver
| Trait | RACF Key | Data Types | Operators Allowed | Supported Operations |
"sigver:fail_program_load_condition" | failload | string | "set"
"delete" | "add"
"alter"
"extract" |
"sigver:log_signature_verification_events" | sigaudit | string | "set"
"delete" | "add"
"alter"
"extract" |
"sigver:signature_required" | sigreqd | boolean | "set"
"delete" | "add"
"alter"
"extract" |
ssignon
| Trait | RACF Key | Data Types | Operators Allowed | Supported Operations |
"ssignon:encrypt_legacy_pass_ticket_key" | keycrypt | string | "set"
"delete" | "add"
"alter" |
"ssignon:enhanced_pass_ticket_label" | ptkeylab | string | "set"
"delete" | "add"
"alter"
"extract" |
"ssignon:enhanced_pass_ticket_type" | pttype | string | "set"
"delete" | "add"
"alter"
"extract" |
"ssignon:enhanced_pass_ticket_timeout" | pttimeo | string | "set"
"delete" | "add"
"alter"
"extract" |
"ssignon:enhanced_pass_ticket_replay" | ptreplay | boolean | "set"
"delete" | "add"
"alter"
"extract" |
"ssignon:legacy_pass_ticket_label" | keylabel | string | "set"
"delete" | "add"
"alter"
"extract" |
"ssignon:mask_legacy_pass_ticket_key" | keymask | string | "set"
"delete" | "add"
"alter" |
stdata
| Trait | RACF Key | Data Types | Operators Allowed | Supported Operations |
"stdata:group" | group | string | "set"
"delete" | "add"
"alter"
"extract" |
"stdata:privileged" | privlege | boolean | "set"
"delete" | "add"
"alter"
"extract" |
"stdata:trace" | trace | boolean | "set"
"delete" | "add"
"alter"
"extract" |
"stdata:trusted" | trusted | boolean | "set"
"delete" | "add"
"alter"
"extract" |
"stdata:userid" | user | string | "set"
"delete" | "add"
"alter"
"extract" |
svfmr
| Trait | RACF Key | Data Types | Operators Allowed | Supported Operations |
"svfmr:parameter_list_name" | parmname | string | "set"
"delete" | "add"
"alter"
"extract" |
"svfmr:script_name" | script | string | "set"
"delete" | "add"
"alter"
"extract" |
tme
| Trait | RACF Key | Data Types | Operators Allowed | Supported Operations |
"tme:child" | children | string | "set"
"add"
"remove"
"delete" | "add"
"alter"
"extract" |
"tme:children" | childn | repeat | N/A | "extract" |
"tme:group" | groups | string | "set"
"add"
"remove"
"delete" | "add"
"alter"
"extract" |
"tme:groups" | groupn | repeat | N/A | "extract" |
"tme:parent" | parent | string | "set"
"delete" | "add"
"alter"
"extract" |
"tme:resource" | resource | string | "set"
"add"
"remove"
"delete" | "add"
"alter"
"extract" |
"tme:resources" | resn | repeat | N/A | "extract" |
"tme:role" | roles | string | "set" | "add"
"alter"
"extract" |
"tme:roles" | rolen | repeat | N/A | "extract" |