Hi All,
I want to provide a user the following access
1. Monitoring the instances
2. Access cloud DB
3. Access the system Logs
I DO NOT want the following access
1. Design the Process Model
2. Edit any rule
Is there a way where we can provide such kind of access to any of the user.
What i did was I created a user of Basic User type. and added him to Designers group. He can access the instances,Cloud DB and Logs, But at the same time he is also having the access to design the process models. Can we restrict the users for not having the designer access. If so could you please let me know.
Discussion posts and replies are publicly visible
You would need to have appropriate security settings in the process models you want this user to be able to view and not edit. Your security would need to be set up such that this user is included in the "viewers" group for the process models, but does not have "editor" permissions.
Please note that this would apply only to existing process models; as far as I know, such a user might still have access to editing other process models without sufficient security settings. I believe this user would not have access to creating new process models as they would (hopefully) not be in the "process model creators" group.
I believe you can't accomplish what you're asking for with respect to viewing the Cloud DB. The only setting I know of that controls this is membership in the Database Administrators group (which, i think, members of Designers inherit by default), and users who can access the DB have the ability to make changes as easily as viewing information.
For system log access, it looks like designers get access to these. No users are enabled to make any changes to these of course.
Thanks @Mike. Points noted, but I have one more question is there a way where we can provide a read Only access to the db who is added into database admins group
No functionality exists for that level of Read Only Cloud DB access. Unfortunately once you are in the Database Admins custom group you have near DBA level access - for deletes, edits etc. I'm pretty sure I've raised an enhancement request with Appian to see if there is the ability to have a read only view.
Nope, as I noted before and as paulc919 confirmed. The closest you can get is by building something in the front-end that allows some user with high visibility privs to browse the values in certain pre-selected tables which you build interfaces for. But you'd probably have to build out separate functionality (to some extent) for each different table you intend to handle, and thus it would be advisable to just pick a few important ones and do those.