SuiteCloud Developer Assistant

Added examples to the Best Practices for SuiteCloud Developer Assistant section.

--- Context from https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/subsect_1121033257.html --- These guidelines reduce errors and improve output quality. AI-generated results may still be incomplete or incorrect; always validate before use. Use SuiteCloud Developer Assistant in accordance with Oracle corporate policies, including applicable security, privacy, and compliance requirements.

Security, Privacy, and Compliance

Never share sensitive credentials. Don't include passwords, private keys, confidential internal information, or other sensitive data in prompts to the SuiteCloud Developer Assistant. Store authentication IDs (auth IDs) securely and never share them in chat, code comments, or public repositories.

Use approved, secure setups. Follow company network and security guidelines (for example, VPN and firewall requirements). Install extensions only from authorized sources (for example, approved marketplaces or internal repositories) and keep SuiteCloud Developer Assistant, SuiteCloud Extension for Visual Studio Code, and Cline up to date.

Incident response. Immediately report security incidents, data exposure, or suspected issues using Oracle incident reporting channels.

Use least privilege for automation and integration. When deploying or testing code in NetSuite, avoid using Administrator or full-privilege roles for routine tasks. Instead, use dedicated roles with only the permissions required for development or deployment. Regularly review and reduce permissions.

Intended use and limitations. Use the SuiteCloud Developer Assistant feature only for its intended business or development purposes. Unethical, illegal, or out-of-scope requests may be blocked and usage limits may apply.

Example:

Prompt to SuiteCloud Developer Assistant: "My SDF deploy fails with INVALID_LOGIN in non-production environments using a least-privilege integration role. Use the details below to help diagnose likely causes and remediation steps. I am including the exact error message and a sanitized suitecloud.config.js snippet (no tokens or

Frequently Asked Questions (4)

How should sensitive credentials be handled when using SuiteCloud Developer Assistant?

Sensitive credentials like passwords, private keys, and confidential information should never be shared in prompts to the SuiteCloud Developer Assistant. Authentication IDs should be stored securely and not included in chat, code comments, or public repositories.

What security setups are necessary for using SuiteCloud Developer Assistant?

It is recommended to follow company network and security guidelines, such as VPN and firewall requirements. Install extensions only from authorized sources, such as approved marketplaces or internal repositories, and ensure SuiteCloud Developer Assistant and related tools are kept up to date.

What permissions should be used for development with SuiteCloud Developer Assistant?

The principle of least privilege should be applied by using dedicated roles with only the necessary permissions for development or deployment tasks. Avoid using Administrator or full-privilege roles for routine tasks and regularly review and adjust permissions as needed.

What actions should be taken if a security incident is suspected when using SuiteCloud Developer Assistant?

Any security incidents, data exposure, or suspected issues should be promptly reported using Oracle's incident reporting channels to ensure proper handling and resolution.