cancel
Showing results for 
Search instead for 
Did you mean: 

SOD Rules Impact - S/4 Hana and Fiori

former_member187795
Participant
0 Kudos

Hi All,

Our client is in the process of implementing S4 HANA together with FIORI apps.

As per our initial analysis, we noticed that this will impact our existing GRC SOD ruleset.

We are currently reviewing the impact to existing rules and it seems like we may need to include the corresponding Hash values of each app in the rules for S_SERVICE authorization object to eliminate false positives.

Following is the scenario:

User has been assigned with a FIORI role and S/4 HANA role. S_SERVICE authorization with corresponding O Data service details have been included in both FIORI and S4 HANA role. However, the corresponding hash values in S4 HANA and FIORI for the same service and not the same.

So, just wanted to understand what is the best way to define our SoD rule? Do we need to define Cross System rules by incorporating hash value from FIORI system or define Single system rule by using the hash value from S4 HANA system?

(Note: We are using Central Hub gateway model where our front end and backend are separate)

Need your expert advise.

Regards,

Paddhu

Accepted Solutions (0)

Answers (2)

Answers (2)

former_member187795
Participant
0 Kudos

Hi Bipul,

Thanks for your response. Do you have any example on how you did this?

bipul_kumar3
Explorer
0 Kudos

I think defining single system rule by using hash value from S4 HANA will be sufficient as front end system authorization just give access to a screen whereas back-end system gives access to service which brings the data and without that access one has no use of front end authorizations.

Regards,

Bipul Kumar