The SAP Analytics Cloud (SAC) is a very sophistaced cloud solution that offers a huge bandwith of connection possibilities. Hence, considering authorizations, all those possibilities should be considered as well additionally to its own authorization concept and file system like structure. And – as like always – there is more than one option to examine and the odds need to be weighed.
At a Glance – SAC Authorizations
The SAC authorization concept can be seen as stand alone as well as interoperable. Within the cloud solution itself, authorizations can be managed for actions and data access as well as for the folder structure. Regarding this the SAC has its own kind of authorizations- meaning no NetWeaver PFCG roles, no SAP HANA privileges or similiar SAP-like authorizations.
SAC Role Management
Within the SAC solution roles can be built individually and also being managed centrally within the “Security” section. After having built roles, SAC can get a little bit tricky. The solution offers two ways of assigning roles to users:
- Assigning roles to users directly
- Roles are being assigned to teams and teams on the otherhand consist of users
Thinking straight forward as like in classic ABAP systems, option one would be preferred since it is a knwon approach of authorization experts. Though, it should be mentioned that this approach (should) always contains a central user management system or similiar systems (e.g. SAP GRC) that centrally manages the user<->role assignments.
Make a one-time donation
Make a monthly donation
Make a yearly donation
Choose an amount
Or enter a custom amount
Your contribution is appreciated.
Your contribution is appreciated.
Your contribution is appreciated.
DonateDonate monthlyDonate yearly
SAP Authorization Universe 