Security Management app collaboration permission doesn't let delegated developers create ACLs?

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-06-2024 02:48 PM
Hey all,
I've got a bit of a niche question - My company leverages both App Engine Studio and "Classic" studio to allow some of our users to be citizen developers and create their own Scoped Applications. When creating a new app collaboration descriptor, "Security Management" has always been an option that we grant to our delegated developers to (hopefully) allow them to manage the ACLs and roles within their scopes, without needing to grant them the global security_admin role.
According to this documentation page, the permission is supposed to "Grant access to security management files, such as Access Control Lists and roles." however, our delegated developers never seem to be able to create ACLs in Studio or App Engine Studio without help from Global Admins.
So my question is - Why have this "Security Management" permission if security_admin is still needed to change ACLs and roles in custom scopes?
Thanks!