We now have an access policy which will only allow authorized users to edit, download, deploy or delete iFlows. This will help in keeping the CPI environment safe from accidental edit/delete of iFlow from unauthorized users.
Below are the steps to give access to a particular user to edit/deploy/download/delete the iFlow, all other users can only view the iFlow and wont be able to perform any other action.
Go to CPI > Monitor > Access Policies
Create new access policy.
Give name and description.
Click on the newly created access policy and press the + button to create artifacts reference.
Give name, description, artifact type and name of the iFlow which we want to restrict for other users.
All the following steps will be performed in SAP cockpit, the user should have admin access to perform below activities..
Go to the CPI instance where the access policies needs to be applied.
Click on Application > Subscription > we want to click on the one with tmn in the end
Click on Roles,
Click on new Role, and give the name of the role which we created in CPI.
Now in the assign we can add the SAP ID of all the developers which we want access for the iFlow.
Once this user is assigned to the role, no other user will be able to access.
I will login with different user and try to edit the iFlow.
So, with this authorization in place, we can control who can work on your iFlow, and we can avoid situations where other teams/developer has modified your iFlow or deleted it.