Data Source Security

By default, when creating a data source, the Knowledge buddy manager role has View data source access, and the Data source manager role has Manage data source access.

View data source

Reviewing data source access types can ensure that only authorized individuals can view data sources. Viewing data source cases is a common activity, and Pega's security policy ensures that only authorized access roles can perform this action. Let us explore some real-world examples:

Data Source List on the Knowledge Buddy Portal Landing Page

The landing page of Knowledge Buddy provides a comprehensive list of data source cases, which are accessible through the left navigation pane.

• KnowledgeBuddy:Admin: With Admin access, you can always read all data source cases through landing page reports.
• Access Role Based Security Control: Individuals who do not hold the KnowledgeBuddy:Admin role are subject to access role-based security when viewing data source cases on the landing page. Individuals can view only those data source cases for which they have been granted access through their assigned roles, either with the View Data Source or Manage Data Source access type.

Data Source List in the Information Variable table in the Knowledge Buddy Case Definition

The Information Variable table in a Knowledge Buddy case provides a centralized location for managing data source cases for a particular Buddy. This feature ensures an organized and efficient approach to handling data for your Buddy case, while making GenAI calls to answer the questions or get responses for a certain text phrase.

• KnowledgeBuddy:Admin: With this access, you can always read data source cases through the information variable table in Knowledge Buddy case types.
• Access Role Based Security Control: Individuals who do not hold the KnowledgeBuddy:Admin role are subject to access role-based security when viewing data source cases from the information variable table present in a Knowledge Buddy case type. Individuals can view only those data source cases for which they have been granted access through their assigned roles, either with the View Data Source or Manage Data Source access type.

The Manage Data Source access type ensures that only authorized individuals can edit data source cases, aligning with the principle of least privilege and strengthening the overall security posture of the application.

• KnowledgeBuddy:Admin: Users holding the "KnowledgeBuddy:Admin" access are granted exclusive rights to edit all data source cases present in the application. This role provides unrestricted access, enabling administrators with the KnowledgeBuddy:Admin role to make necessary modifications, updates, or edits to any data source case.
• Access Role Based Security Control: For individuals who do not have the KnowledgeBuddy:Admin role, access to managing data source cases is restricted based on their assigned roles. Users can manage only those data source cases where at least one of their roles matches the access roles specified in the data source case specifically, with the Manage Data Source access type.

This access control mechanism ensures that users have the appropriate permissions aligned with their roles, preventing unauthorized modification of data source cases.

You have reached the end of this topic. You have learned about:

• Access role configurations for data sources