Understanding Security Automation

The PeopleSoft Security Automation tool allows users to automate the customization of pre-existing permission lists, roles and menus. It allows setting the permission list security for:

  • Pages

  • Component Interfaces

  • Query Trees (Access Groups)

  • ADS (Access Groups and general settings)

  • Process Groups (Process Groups and general settings)

  • Web Services

It allows adding or removing permission lists from roles, adding or removing items to, or from a menu that points to new or deprecated components. The required changes are put together by user and is stored in a table as metadata. This is then run by the Security Update Automation Engine process. There are three AE processes to be run for security updates for Permission Lists, Roles and Menus.

Change Packages include steps to import delivered security related changes into your target environment. Once these changes are imported you should review the delivered changes to determine whether you would like each change to be processed.

Each delivered change defaults with a status of Imported and a Process Flag selected (turned ON). If you do not want the change applied to your target environment, you must clear the Process Flag check box and select Save on the page. Rows of data that do not have the Process Flag check box select are not applied to your target environment in subsequent steps of the Change Package.

See the Manage Menus Page, which illustrates that several menus have been imported and have a status of Imported.

If you do not wish to update your target environment with a delivered change, clear the Process Flag check box for the row of data and click Save. This updates the status to Changed and the row of data is ignored in the subsequent steps executed in your Change Package.

Once you have reviewed all of the delivered changes for Menus, Roles, and Permissions, return to the Change Assistant and mark the Review the Changes in Security Tool step as Complete and continue with the Change Package.