How to provide read only access to Catalog Item?

Go to solution
Mark Nguyen
Tera Guru

‎07-03-2023 12:32 PM

Every so often a developer or catalog admin will accidently make a change to a Catalog item directly in Production in the Default Update Set by updating a variable. This is causing implications with our SOX Controls and we are asked to remove the ability to make changes directly in Production.

We still want to provide read only access to Catalog Item so that a catalog admin can drill down and see workflow/flow etc without ability to make change. Removing catalog_admin role removes most accesss.

 

Anyone have ideas or suggestions on how to provide Catalog Item detail read only access?

 

Thanks

Mark N

  • 1,362 Views
1 ACCEPTED SOLUTION

Go to solution
Riya Verma
Kilo Sage
Kilo Sage

‎07-03-2023 12:47 PM

Hi @Mark Nguyen ,

 

Hope you are doing great.

 

To provide read-only access to Catalog Item details while removing the ability to make changes directly in Production, you can follow these steps:

  1. Create a new read-only role

  2.  Assign the newly created read-only role to the catalog administrators who should have access to view Catalog Item details without the ability to make changes. Ensure that the catalog_admin role, which grants extensive access, is removed from these users.

  3. Modify the Access Control Lists associated with Catalog Items to restrict write access. Review the existing ACLs related to Catalog Items and update them to allow read access only for the read-only role, while removing write access for all roles and users.

  4. Validate the read-only access by logging in with a user assigned the read-only role and verifying that they can view Catalog Item details without any options to modify the content.

 
 
 
Please mark the appropriate response as correct answer and helpful, This may help other community users to follow correct solution.
Regards,
Riya Verma

View solution in original post

2 REPLIES 2

Go to solution
Riya Verma
Kilo Sage
Kilo Sage

‎07-03-2023 12:47 PM

Hi @Mark Nguyen ,

 

Hope you are doing great.

 

To provide read-only access to Catalog Item details while removing the ability to make changes directly in Production, you can follow these steps:

  1. Create a new read-only role

  2.  Assign the newly created read-only role to the catalog administrators who should have access to view Catalog Item details without the ability to make changes. Ensure that the catalog_admin role, which grants extensive access, is removed from these users.

  3. Modify the Access Control Lists associated with Catalog Items to restrict write access. Review the existing ACLs related to Catalog Items and update them to allow read access only for the read-only role, while removing write access for all roles and users.

  4. Validate the read-only access by logging in with a user assigned the read-only role and verifying that they can view Catalog Item details without any options to modify the content.

 
 
 
Please mark the appropriate response as correct answer and helpful, This may help other community users to follow correct solution.
Regards,
Riya Verma

Go to solution
Mark Nguyen
Tera Guru
In response to Riya Verma

‎07-06-2023 10:20 AM

Thank you @Riya Verma this got me on the right track! Appreciate your time to reply.

0 Helpfuls