How to restrict DB specific privileges

Hi all,

We want to restrict the drop table and truncate table privileges to certain users in certain schemas.

I'm aware of the documentation strategy for restricting write or admin permissions:

https://docs.appian.com/suite/help/25.4/appian-cloud-database-administration.html#cloud-database

We need to go finer here, not that radical. We have designers maintaining our PRO environment; we need them to write into the DB (as they may need to fix incidents), but we want to prevent them from running more "hardcore" commands, like drop or truncate.

I've also looked at the Appian admin stored procedures, to see if we can do anything similar to the normal "grant" dba commands, but I've been unable to find anything useful.

Any advice?

Thanks in advance.

  • I understand your point of view, Stefan, but it sounds quite theoretical.

    When you admin legacy or new big applications, you can't always create "self maintenance" capabilities for users to self-maintain each and every data item, right?

    And when a user incorrectly enters a value and he/she needs it to be changed, if the application does not contain self-maintenance, you need a designer/admin to change that value in the DB and re-sync the record.

    We need admin people with permissions to write into production, in a very controlled and justified fashion, with the right incident and the right controls.

    What we don't need is for those same people, simply because they need to be able to change a value in the database, to also be able to truncate a table or to drop any database object.

    In Appian, if you have permissions to write into a table via phpMyAdmin, you have permissions to drop objects.

    So, how can I avoid this?

  • Certified Lead Developer, in reply to Jordi

    You can't with the standard permissions. Database schema editors will allow you to drop/truncate.

    No choice but to roll your own DB if you want this. Or restrict db access to database viewers and only let them update data via a process.
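As an added illustration of the "roll your own DB" route mentioned above (this is not from the thread or from Appian), the grants below give a user DML rights on one schema while withholding DDL. The instance is assumed to be a self-managed MySQL/MariaDB; the schema `appdata`, the user `designer` and the host mask are placeholders.

```sql
-- Assumed self-managed MySQL/MariaDB. Schema, user and host mask are placeholders.
CREATE USER IF NOT EXISTS 'designer'@'10.0.0.%' IDENTIFIED BY 'replace-with-real-secret';

-- DML only on the application schema: rows can be read and changed,
-- but no DDL. MySQL checks TRUNCATE TABLE against the DROP privilege,
-- so leaving DROP out of this list blocks both DROP TABLE and TRUNCATE TABLE.
GRANT SELECT, INSERT, UPDATE, DELETE ON appdata.* TO 'designer'@'10.0.0.%';

-- Verify the effective grants: only the four DML privileges should appear,
-- and no global (ON *.*) privileges beyond USAGE.
SHOW GRANTS FOR 'designer'@'10.0.0.%';

-- Expected behaviour when connected as designer (placeholder table `orders`):
--   UPDATE appdata.orders SET status = 'fixed' WHERE id = 42;  -- allowed
--   TRUNCATE TABLE appdata.orders;  -- ERROR 1142 (42000): DROP command denied
--   DROP TABLE appdata.orders;      -- ERROR 1142 (42000): DROP command denied

-- Periodic check (run as an admin): list every account that holds DDL
-- privileges on any schema, so write-only users that quietly gained
-- DROP/ALTER/CREATE are spotted during review.
SELECT GRANTEE, TABLE_SCHEMA, PRIVILEGE_TYPE
FROM information_schema.SCHEMA_PRIVILEGES
WHERE PRIVILEGE_TYPE IN ('DROP', 'ALTER', 'CREATE')
ORDER BY GRANTEE, TABLE_SCHEMA;

-- Same check for global privileges, which override per-schema grants.
SELECT GRANTEE, PRIVILEGE_TYPE
FROM information_schema.USER_PRIVILEGES
WHERE PRIVILEGE_TYPE IN ('DROP', 'ALTER', 'CREATE', 'SUPER')
ORDER BY GRANTEE;
```

This only works where you administer the database server yourself; on the Appian Cloud database the thread's conclusion still stands, so the process-driven update route is the alternative there.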