Learn how to control access to data and resources with security roles and associated privileges. A business unit can have only one parent business unit, but can have multiple child business units A user’s security roles are assigned within a business unit. The organization wants to create business units for the east and west operations We will create 2 child business units (east, west) off the parent root business unit, and then assign teams to the child business units. So far, we’ve looked at how to wall off data between business units (both parent and child business units) and how security roles delineate granular access and permissions to tables within crm.
By aligning business units with security roles, we can start to enhance a security model and can actually start building complex role based access control (rbac) models Let’s jump straight into it We’re all probably familiar with what business units are and how they work. For each business unit that a user needs to access data, a security role from that business unit is assigned to the user When the user creates a record, the user can set the business unit to own the record. Security roles define what actions users can perform and on what data
Define actions (e.g., create, read, write, delete, append, append to, assign, share) Security roles are assigned to users and teams. I’m trying to establish specific security roles for each child business unit and have these roles automatically inherited via the aad security team when a user is assigned to it.
OPEN
