We are looking to provide our operations team with the ability to Replay failed messages or groups of messages via the Service Pulse tool, however, we would not like for them to be able to Delete messages or groups of messages via the tool. Is there a way to disable that functionality for certain users? I see in the Install ServicePulse in IIS article there is a section on Role-based security but the roles it defines do not meet our needs (i.e. we can either give users only read access or complete control over failed messages but not partial).
I don’t think there’s a good way to achieve this at the moment. We’ve included the delete group HTTP API in the /recoverability/ endpoint - which is unfortunately also used for retrying messages.
Moving the API to a new endpoint is problematic too because of the different versions of ServicePulse that use that API.
We are tracking an internal issue to improve the configuration options for security around ServicePulse.
Please send a mail through to support@particular.net we can get on a call to discuss other options to help you while we’re still working on improving the options.