D.6. Token Key Service-Specific ACLs
D.6.1. certServer.tks.encrypteddata
allow(execute) group="Token Key Service Manager Agents"
Table D.67. certServer.tks.encrypteddata ACL Summary
Operations | Description | Allow/Deny Access | Targeted Users/Groups |
---|---|---|---|
Execute | Encrypted data stored in the TKS. | Allow | TKS Agents |
D.6.2. certServer.tks.group
allow (modify,read) group="Administrators"
Table D.68. certServer.tks.group ACL Summary
Operations | Description | Allow/Deny Access | Targeted Users/Groups |
---|---|---|---|
modify | Create, edit, or delete user and group entries for the instance. | Allow | Administrators |
read | View user and group entries for the instance. | Allow | Administrators |
D.6.3. certServer.tks.importTransportCert
allow (modify,read) group="Enterprise CA Administrators" || group="Enterprise KRA Administrators" || group="Enterprise OCSP Administrators" || group="Enterprise TKS Administrators" || group="Enterprise TPS Administrators"
Table D.69. certServer.tks.importTransportCert ACL Summary
Operations | Description | Allow/Deny Access | Targeted Users/Groups |
---|---|---|---|
modify | Update the transport certificate. | Allow | Enterprise Administrators |
read | Import the transport certificate. | Allow | Enterprise Administrators |
D.6.4. certServer.tks.keysetdata
allow (execute) group="Token Key Service Manager Agents"
Table D.70. certServer.tks.keysetdata ACL Summary
Operations | Description | Allow/Deny Access | Targeted Users/Groups |
---|---|---|---|
Execute | Create diversified key set data. | Allow | TKS Agents |
D.6.5. certServer.tks.registerUser
allow (modify,read) group="Enterprise CA Administrators" || group="Enterprise KRA Administrators" || group="Enterprise OCSP Administrators" || group="Enterprise TKS Administrators" || group="Enterprise TPS Administrators"
Table D.71. certServer.tks.registerUser ACL Summary
Operations | Description | Allow/Deny Access | Targeted Users/Groups |
---|---|---|---|
modify | Register a new agent. | Allow | Enterprise Administrators |
read | Read existing agent information. | Allow | Enterprise Administrators |
D.6.6. certServer.tks.sessionkey
allow (execute) group="Token Key Service Manager Agents"
Table D.72. certServer.tks.sessionkey ACL Summary
Operations | Description | Allow/Deny Access | Targeted Users/Groups |
---|---|---|---|
Execute | Create session keys generated by the TKS. | Allow | TKS Agents |
D.6.7. certServer.tks.randomdata
allow (execute) group="Token Key Service Manager Agents"
Table D.73. certServer.tks.randomdata ACL Summary
Operations | Description | Allow/Deny Access | Targeted Users/Groups |
---|---|---|---|
Execute | Generate random data. | Allow | TKS Agents |