Security Management app collaboration permission doesn't let delegated developers create ACLs?

Peter Cramer
Tera Contributor

Hey all,

 

I've got a bit of a niche question - My company leverages both App Engine Studio and "Classic" studio to allow some of our users to be citizen developers and create their own Scoped Applications. When creating a new app collaboration descriptor, "Security Management" has always been an option that we grant to our delegated developers to (hopefully) allow them to manage the ACLs and roles within their scopes, without needing to grant them the global security_admin role.

 

According to this documentation page, the permission is supposed to "Grant access to security management files, such as Access Control Lists and roles." however, our delegated developers never seem to be able to create ACLs in  Studio or App Engine Studio without help from Global Admins.

 

So my question is - Why have this "Security Management" permission if security_admin is still needed to change ACLs and roles in custom scopes?

 

Thanks!

0 REPLIES 0