Secure > Authorization > Customize default access control policies > Examples: Customizing access control policies using the Organization Administration Console

Example: Permitting only logistics managers, operations managers, and account representatives to create, update, or delete fulfillment centers

By default, fulfillment center managers are authorized to create, update or delete the fulfillment centers associated with their store. The fulfillment center manager's access group includes the roles: Seller, Logistics Manager, Operations Manager, and Account Representative. In some cases, you might not want Sellers to be authorized as fulfillment center managers.

To make this change, do the following:

• Determine the resource-level policy that authorizes fulfillment center managers to manage fulfillment centers.

• Remove the seller role from the definition of the fulfillment center managers access group.

Remove the seller role from the access group

1. Find the resource-level policy that authorizes procurement shopping cart managers to manage procurement shopping carts for orders. The policy is:

   FulfillmentCenterManagersForOrgExecuteFulfillmentCenterManage CommandsOnFulfillmentResource

2. From the Organization Administration Console, click Access Management > Access Groups.

3. From the list of access groups, select FulfillmentCenterManagersForOrg.

4. Click Change to display the Change Access Group page.

5. Click Access Management > Access Groups.

6. Click Change to display the Details page.

7. Click Criteria to display the Criteria page.

8. From the Role list, select Seller.

9. Click Remove.

10. Click OK.

Update the access control policy registry with the changes

1. Open the Administration Console.

2. Click Configuration > Registry.

3. From the list of registries, select Access Control Policies.

4. Click Update.

+

Search Tips   |   Advanced Search