Suivez votre progression
Accueil Trailhead
Accueil Trailhead

Create Transaction Security Policies

Learning Objectives

After completing this unit, you’ll be able to:
  • Enable Transaction Security.
  • Use Condition Builder to define, edit, enable, and disable your own policies.
Warning

Warning

Be careful—Transaction Security is a powerful feature. An incorrect Login Event policy that uses Block as its real-time action locks you out of your org. To prevent this from happening in an org you care about, create a new Trailhead Playground for this module.

Enable Transaction Security

Now that you know what Transaction Security is, let’s get started using it. First, you need to enable Transaction Security in your Trailhead playground.

From Setup, in the Quick Find box, type Transaction Security, and click Transaction Security Policies.

If you’ve never visited this page before, click Enable next to Get Started With Transaction Security.

Page to enable Transaction Security.

Congratulations! Transaction Security is now ready to use in your org.

Create a Policy

Now that you’ve enabled Transaction Security, it’s time to learn how to use it. Policies can be built entirely with clicks, though Apex classes are needed for custom use cases. Let’s start with a simple example: preventing a large data export. For this use case, we’ll use Condition Builder to create the policy with just clicks.

From the main Transaction Security Policies page, click New and then Condition Builder.

New policy page showing options for using Condition Builder or Apex, with Condition Builder selected.

Then click Next. The page to define your policy conditions appears.

Conditions page for new policy.

Let’s say you want to create a Transaction Security policy that limits the number of records someone can export from a report at one time.

  1. In the Event field, select Report Event.
  2. In the Condition Logic field, select All Conditions Are Met.
  3. In the Condition field, select Rows Processed.
  4. In the Operator field, select Greater than or equal.
  5. In the Value field, type 10.
  6. Now add a second condition by clicking the Add Condition button.
  7. In the Condition field, select Operation.
  8. In the Operator field, select Equals.
  9. In the Value field, select ReportExported. Condition page for new policy showing these selections: Report Event, All Conditions Are Met, and two conditions for Rows Processed >= 10 and Operation equal to ReportExported.
  10. Click Next.
  11. For the real-time action, select Block, because you want to block users who try to download too many records at a time.
  12. Select Email notification, and select a user as the recipient. The selected user will receive an email every time a user attempts to download too many records.
  13. Name the policy Block Large Report Downloads Policy.
  14. Don’t enable the policy just yet—you’ll do that later. Your page should now look like this: Actions page for new policy showing these selections: Block, email notification to blurred user, and name Block Large Report Downloads Policy.
  15. Click Finish.

Your policy has been added to the list of available policies.

Edit a Policy

Now let’s say you want to change the conditions in your Transaction Security policy. Editing a policy to change the conditions, notification, action, or most anything else is simple.
  1. From the dropdown next to the Block Large Report Downloads Policy, select Edit.
  2. Notice that the current conditions block a report download when 10 or more rows are exported.

IT has asked you to now block a report when 1,000 or more rows are exported, so let’s update this policy accordingly.

  1. Navigate to the Rows Processed condition. In the Value field, enter 1000. Conditions page for edited policy showing Rows Processed now greater than or equal to 1000.
  2. Click Save then Done.

Enable Your Policy

After you create your policy, you need to enable it so it works in your org.

  1. From the dropdown next to the Block Large Report Downloads Policy, select Edit. Notice that you can also enable a policy in this dropdown.
  2. Click the Actions tab, and select Enable at the bottom of the page. Actions page for edited policy highlighting how to enable it.
  3. Click Save then Done.

Nice work! Now the policy is enabled.