Marketplace access #1143
Replies: 2 comments · 1 reply
-
|
SCPs are already in place which only allow additions to the Marketplace from the Mgmt account. Users of any type should almost NEVER be allowed to login or access the mgmt account, it's access should be highly restricted. SCPs are not applicable to the mgmt account. Enforcing modifications of marketplace products needs to be implemented through GC policy, not a preventative security control. |
Beta Was this translation helpful? Give feedback.
-
|
Thanks Brian for your reply. However as it stands users from their own respective workload account CAN add products from the marketplace by browsing and hitting the "Add to Private Marketplace" button. Can you point out the SCP policy that blocks such functionality? Our access to the Mgmt account is tightly controlled. |
Beta Was this translation helpful? Give feedback.
-
|
It's been a while since I looked, but -Sandbox, -Unclass, and -Sensitive SCP files each contain the following lines, which should be blocking the marketplace from being updated: I will get someone to review to see if anything has changed. |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Can we block the ability to add items to the private marketplace? It is currently wide open, as long as the user has the permissions. The desired outcome would be to only allow authorized users part of an existing SSC group to add items to the marketplace from the Management account ONLY. Thank you.
Beta Was this translation helpful? Give feedback.
All reactions