Within our organization, we have Modify_ContentAdmin who accidently modify data connection when his password expired. The role has the ability to create, update and delete some data connections. The purpose of this security rule is to limit this role from being able to update or change this data connections that connects to our database listed below. Does anyone have any suggestion on knowing how to limit this connection?
((user.roles="Modify_ContentAdmin") or (resource.id=34e6d04c-0d64-42ad-951e-93bc86998dc3 and resource.resourcetype="folder" and resource.DataConnection.HasPrivilege("read")))