How to Enable Security Feature in Refinery

This page explains how to enable the security feature in Delta Refinery to enforce internal authentication and control access to pipeline processes.

What is security feature

By default, Delta Refinery does not enforce security for pipeline execution. Enabling the security feature introduces access control using an internal user (RefProcadmin) to secure end-to-end communication between components within Refinery.

Steps to enable the security feature in Refinery

Follow these steps to enable the security feature in Refinery, as explained in the following sections:

• Connect to Delta Control Web UI
• Enable security in process templates
• Enable security in sevice classes
• Update INSTANCE_CONFIG

Connect to Delta Control Web UI

Start your Refinery installation and connect to the Control Web UI in your browser.

Enable security in process templates

To enable security for process templates:

1. In the left-hand Navigation bar, expand DaaSCore.
2. Click to expand Process Templates from the DaaSCore package tree.
3. Select refinery_process. This opens a new tab in the entity editor, in the lower half of the editor window.
4. From the top menu bar of the entity editor, click Reserved Params.
5. Find the Permissioned parameter and select Yes from the dropdown.
6. Click Save on the right side of the top menu bar of the entity editor.

Enable security in sevice classes

To enable security for service classes:

1. In the left-hand Navigation bar, expand DaaSCore.
2. Click to expand Service Classes from the DaaSCore package tree.
3. Select refinery_process. This opens a new tab in the entity editor, in the lower half of the editor window.
4. From the top menu bar of the entity editor, click Reserved Params.
5. Find the Permissioned parameter and select Yes from the dropdown.
6. Click Save on the right side of the top menu bar of the entity editor.

Update INSTANCE_CONFIG

Next, update INSTANCE_CONFIG to enable async and disable sync permissions:

1. In the left-hand Navigation bar, expand DaaSCore.
2. Click to expand Parameters from the DaaSCore package tree.
3. Select INSTANCE_CONFIG:refinery_process. This opens a new tab in the entity editor, in the lower half of the editor window.
4. From the top menu bar of the entity editor, click Attribute Values.
5. Find pm.sync.disabled in the Parameter column and then set the attribute's Value from true to false.
6. Find pm.async.enabled in the Parameter column and then set the attribute's Value from false to true.
7. Click Save on the right side of the top menu bar of the entity editor.

Using the search option

You can also use the search bar in the left-hand navigation to look for the parameter you want. This displays the package tree with the required parameter, which you can then click to open the new tab in the entity editor, in the lower half of the editor window.