So this rule:
Name: _gss – Root Admin Group Rule
- Description: Allow all access to any user that is a member of the group QlikRootAdmin.
- Actions: Create, Read, Update, Delete, Export, Publish, Change owner, Change role, Export data
- Resource filter: *
user.group="QlikRootAdmin" or user.roles="RootAdmin"
- Context: Both in hub and QMC
- Tags: Custom Rule
gives full access to everything. We have had a conversation and think that the intent was for QMC only. We are investigating the impact of switching to QMC only.