I would like to set all roles, except Admin and Configuration Management, to have view-only permission for several CI objects (e.g. CI.Computer). This is so that Admin and Configuration Management roles can add, delete or modify these CI objects but all other roles (e.g. SDA) have view only access.
Is there an easier way to achieve this rather than opening up each role one at a time in Configure > Roles and Permissions, then navigate to the CI objects in Object Permissions, unchecking Add, Edit and Delete options and saving the changes?