Question

20
Views
AnishT86 Member since 2020 1 post
Vivat
Posted: 3 months ago
Last activity: 3 months 1 week ago

What is the recommended way to restrict syadmin privileges when building from dependent roles?

Hi,

We are trying to build our own sysadmin level role which would essentially have all PegaRULES:SysAdm4 privileges and access but in future we should be able to restrict some access when needed.

For example, the Syadmin has access to clipboard through the ClipboardViewer privilege, but in future if we want to, we should be able to override/remove that access.

Currently , we are creating an access role, say ABC:Administrators and in the dependent role array, we have PegaRULES:SysAdm4 thus our administrator inherits all access from PegaRULES:SysAdm4.

What is the best way to restrict such access in future?.

We really want to avoid cloning the entire PegaRULES:SysAdm4 into ABC:Administrators, removing PegaRULES:SysAdm4 from dependent roles and then removing the privilege.

Is there any other clean, modular approach?

***Edited by Moderator: Pallavi to update platform capability tags***  

Pega Platform 8.2.6 Security System Administration Lead System Architect
Share this page LinkedIn