User Access with No Editing access but having monitoring access

A Score Level 2

Hi All,

I want to provide a user the following access

1. Monitoring the instances

2. Access cloud DB

3. Access the system Logs

I DO NOT want the following access

1. Design the Process Model

2. Edit any rule

Is there a way where we can provide such kind of access to any of the user.

What i did was I created a user of Basic User type. and added him to Designers group. He can access the instances,Cloud DB and Logs, But at the same time he is also having the access to design the process models. Can we restrict the users for not having the designer access. If so could you please let me know.

Parents
  • You would need to have appropriate security settings in the process models you want this user to be able to view and not edit.  Your security would need to be set up such that this user is included in the "viewers" group for the process models, but does not have "editor" permissions.

    Please note that this would apply only to existing process models; as far as I know, such a user might still have access to editing other process models without sufficient security settings.  I believe this user would not have access to creating new process models as they would (hopefully) not be in the "process model creators" group.

    I believe you can't accomplish what you're asking for with respect to viewing the Cloud DB.  The only setting I know of that controls this is membership in the Database Administrators group (which, i think, members of Designers inherit by default), and users who can access the DB have the ability to make changes as easily as viewing information.

    For system log access, it looks like designers get access to these.  No users are enabled to make any changes to these of course.

Reply
  • You would need to have appropriate security settings in the process models you want this user to be able to view and not edit.  Your security would need to be set up such that this user is included in the "viewers" group for the process models, but does not have "editor" permissions.

    Please note that this would apply only to existing process models; as far as I know, such a user might still have access to editing other process models without sufficient security settings.  I believe this user would not have access to creating new process models as they would (hopefully) not be in the "process model creators" group.

    I believe you can't accomplish what you're asking for with respect to viewing the Cloud DB.  The only setting I know of that controls this is membership in the Database Administrators group (which, i think, members of Designers inherit by default), and users who can access the DB have the ability to make changes as easily as viewing information.

    For system log access, it looks like designers get access to these.  No users are enabled to make any changes to these of course.

Children
No Data

 Discussion posts and replies are publicly visible