Securely Sharing Joule Skills in SAP Build with SAP Cloud Identity Services
PorAinvest
viernes, 25 de julio de 2025, 1:11 am ET1 min de lectura
SAP--
Understanding Access Control in SAP Build
SAP Build's environment sharing allows for the secure distribution of custom Joule Skills. By default, only users explicitly granted Execute or Admin access in the shared environment can interact with the skills. If unauthorized users attempt to access the skill, they receive a generic fallback response from Joule.
Sharing Skills with User Groups
To enhance governance and security, SAP Build supports sharing skills with user groups from SAP Cloud Identity Services (CIS) tenant:
1. Create a User Group: In your IAS (Cloud Identity) tenant, create a user group.
2. Assign Users: Assign the required users to this group.
3. Share in SAP Build: In SAP Build, open the shared environment of your custom Joule Skill. Click on Share, set the Type to User Group, and enter the exact name of the group created in IAS. Set the appropriate authorization (Execute or Admin).
4. Redeploy Access: After sharing with user groups, navigate to the Joule tab inside the environment. Click Refresh, and then redeploy the capability to apply the new access configuration. This process may take a few minutes.
Open Access for Everyone
For scenarios where skills are intended for broader use within the organization, SAP Build allows setting general access to everyone with Execute permissions. This method should be used with caution, especially if the skill handles sensitive operations or data.
Conclusion
Properly managing access to custom Joule Skills is essential for maintaining security and ensuring that the right users have the appropriate access levels. SAP Build provides the flexibility to share skills with user groups or open access to all users, making it a versatile tool for developers and administrators. By following these steps, organizations can deploy custom Joule Skills securely and effectively.
References
[1] https://community.sap.com/t5/technology-blog-posts-by-sap/getting-started-with-joule-studio-in-sap-build-part-4-managing-access-to/ba-p/14162116
[2] https://news.sap.com/2025/07/sap-business-ai-release-highlights-q2-2025/
SAP Build's Joule Studio allows for secure sharing of custom skills through environment sharing. Users can share projects with up to 10 user groups or 5 individual users, and access types are Execute (allows users to use the skill) and Admin (full access to manage the environment). Users can share skills securely by creating user groups in SAP Cloud Identity Services and assigning users to these groups. Sharing with user groups allows for better governance and security.
SAP Build's Joule Studio offers a robust platform for developing and deploying custom skills, but ensuring secure and controlled access to these skills is crucial. This article explores the process of sharing custom Joule Skills securely using SAP Build and SAP Cloud Identity Services.Understanding Access Control in SAP Build
SAP Build's environment sharing allows for the secure distribution of custom Joule Skills. By default, only users explicitly granted Execute or Admin access in the shared environment can interact with the skills. If unauthorized users attempt to access the skill, they receive a generic fallback response from Joule.
Sharing Skills with User Groups
To enhance governance and security, SAP Build supports sharing skills with user groups from SAP Cloud Identity Services (CIS) tenant:
1. Create a User Group: In your IAS (Cloud Identity) tenant, create a user group.
2. Assign Users: Assign the required users to this group.
3. Share in SAP Build: In SAP Build, open the shared environment of your custom Joule Skill. Click on Share, set the Type to User Group, and enter the exact name of the group created in IAS. Set the appropriate authorization (Execute or Admin).
4. Redeploy Access: After sharing with user groups, navigate to the Joule tab inside the environment. Click Refresh, and then redeploy the capability to apply the new access configuration. This process may take a few minutes.
Open Access for Everyone
For scenarios where skills are intended for broader use within the organization, SAP Build allows setting general access to everyone with Execute permissions. This method should be used with caution, especially if the skill handles sensitive operations or data.
Conclusion
Properly managing access to custom Joule Skills is essential for maintaining security and ensuring that the right users have the appropriate access levels. SAP Build provides the flexibility to share skills with user groups or open access to all users, making it a versatile tool for developers and administrators. By following these steps, organizations can deploy custom Joule Skills securely and effectively.
References
[1] https://community.sap.com/t5/technology-blog-posts-by-sap/getting-started-with-joule-studio-in-sap-build-part-4-managing-access-to/ba-p/14162116
[2] https://news.sap.com/2025/07/sap-business-ai-release-highlights-q2-2025/
Divulgación editorial y transparencia de la IA: Ainvest News utiliza tecnología avanzada de Modelos de Lenguaje Largo (LLM) para sintetizar y analizar datos de mercado en tiempo real. Para garantizar los más altos estándares de integridad, cada artículo se somete a un riguroso proceso de verificación con participación humana.
Mientras la IA asiste en el procesamiento de datos y la redacción inicial, un miembro editorial profesional de Ainvest revisa, verifica y aprueba de forma independiente todo el contenido para garantizar su precisión y cumplimiento con los estándares editoriales de Ainvest Fintech Inc. Esta supervisión humana está diseñada para mitigar las alucinaciones de la IA y garantizar el contexto financiero.
Advertencia sobre inversiones: Este contenido se proporciona únicamente con fines informativos y no constituye asesoramiento profesional de inversión, legal o financiero. Los mercados conllevan riesgos inherentes. Se recomienda a los usuarios que realicen una investigación independiente o consulten a un asesor financiero certificado antes de tomar cualquier decisión. Ainvest Fintech Inc. se exime de toda responsabilidad por las acciones tomadas con base en esta información. ¿Encontró un error? Reportar un problema
SOBRE NOSOTROS
Nuestra historiaAutores de noticiasBase de conocimientosPolítica de privacidadTérmino de usoDescargo de responsabilidad de corretaje de tercerosTérminos de uso de AIMEDivulgaciones de riesgos de AInvest AICarrerasCONTÁCTENOS
Email: support@ainvest.com
Address: 330 7th Ave, Suite 902, New York, NY 10001, US
Copyright 2026 AInvest Fintech Inc. All rights reserved.
Comentarios
Aún no hay comentarios