Beyond the general power roles, SAP BTP allows for the creation of application-specific roles to grant users precise access based on their responsibilities. This granular control ensures that users have the necessary permissions to perform their duties without exposing sensitive areas of the application to all.
Overview of Application-Specific Roles
Purpose:
Granular Access Control: Application-specific roles are designed to provide detailed and restricted access tailored to a user’s particular job function. This helps maintain security and operational efficiency.
Prevent Over-Privileging: By not assigning comprehensive power roles universally, the risk of unauthorized changes and data breaches is minimized.
Example: Restricted Access for Specific Tasks
Scenario: Assigning a user-specific roles to manage containers and view event logs without giving access to the broader functionalities of the application.
Task-Specific Permissions:
Manage Containers: Access to upload, export, and import environments.
View Event Logs: Access to view logs related to application events.
Steps to Assign Application-Specific Roles
Identify Required Roles:
Determine the specific functionalities that the user must access. For instance, managing containers or viewing event logs.
Create and Assign Roles:
Access Role Management: Navigate to the role management section of SAP BTP.
Define New Role: Create a new role that includes permissions only for the required tasks.
Assign Roles to User:
User Assignment: Assign the newly created application-specific roles to the intended user(s).
You are dealing with different teams and each of them needs access just to the specific Universal Model application. You are on the right place to learn it.