Skip to Content
author's profile photo Former Member
Former Member

Restrict RFC Connector in GRC

Hi Gurus,

We are currently working on a GRC10 implementation where we have some concerns with the access the RFC connector from GRC to ECC might have to sensitive information (particularly access to sensitive HR tables). Is there a way to restrict via security the RFC ID's ability to access certain tables/information in ECC? My understanding is that RFC connectors need to have SAP_ALL or automated business rules won't execute properly. Is this correct? Or can they be restricted.

Appreciate your thoughts and feedback!

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

1 Answer

  • author's profile photo Former Member
    Former Member
    Posted on Jan 20, 2014 at 04:30 PM

    Hello Taylor,

    RFC user id that is used to connect backend systems should never have SAP_ALL.

    with that said, here are some authorizations that you can consider for the id that is used to communicate with the backend ECC system: you can find this info in the security guide


    rfc1.png (36.3 kB)
    rfc2.png (85.5 kB)
    rfc3.png (59.2 kB)
    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.