How to limit admin users from making any changes to configs or custom developer work

MM25 · ‎08-08-2023

Hi

I have to set up a user account with admin access but that user should not have the ability to make any changes to configs or custom developer work (Scripts/Code/UI actions/Script Includes/etc.) that is done on the platform.

I tried giving admin and snc_read_only roles but that is overwriting the ability to create/edit records in the table.

Is there any other way through with I can achieve this?

Aaron_Braun · ‎03-11-2024

snc_read_only is exactly as it sounds it will give someone read only access to whatever role they have. This can be useful for auditors or developers in a QA environment they don't need full edit privileges in.

Ultimately it depends on what they are trying to modify in production and if they should be doing that in Production at all. Almost everything should be following a promotion process from a developer instance to QA/TST instance to Production. I assume you are meaning this for sub-production to which you have to either use scoped applications with delegated development or trust your developers with admin access in those instances.