We are working on the security design for SAP DI 3.0 solution in our BTP environment. We would need some additional info related to the standard SAP DI artifacts/policies as to help with an efficient custom policy design.
Please help to address the following open questions in this regard:
1. How can we get a list of all resource types (eg.- application, connection, etc. ) and their respective attributes/activities (eg. start, stop,read, admin, execute, etc.) in our existing SAP DI environment?
2. Information on the categorization of all resource types to the relevant classes
Eg. connectionConfiguration,connection, etc. - > Admin
connectionContent - > Metadata
application -> Application
3. Provide a list of all applications of the resource type - application?
4. How or where we can get the info of the mapping / relationship of Policies to the corresponding UI Tiles/Apps on the SAP DI UI?
Eg.What is the policy / privilege that is needed for granting a user access to the link / tile /app - "Connection Management"
5. Finally, what the process/approach to control access for different users to the different project specific artifacts – pipeline models, data lake catalogs/data sets
We would not want users belonging to different areas given access across the metadata in SAP DI
Attached a document with some screenshots/ details related to the above inquires.
Appreciate your help in clarifying these open questions.