Permissions

There are 4 types of permissions in ODD Platform:

  • Data entity permissions: Actions related to specific data assets, such as tables, data streams, or dashboards.

  • Term permissions: Actions concerning the management of the business glossary, e.g. terms and their definitions.

  • Query Example permissions: Actions for creating and managing SQL query examples linked to data assets.

  • Management permissions: High-level administrative actions for managing the platform's infrastructure and configuration, such as creating data sources, managing users, or defining access control rules.

This is the full list of permissions divided by types:

Data entity permissions

  • DATA_ENTITY_ADD_TERM Allows to add term for data entity;

  • DATA_ENTITY_ADD_TO_GROUP Allows to add data entity to manually created group;

  • DATA_ENTITY_ALERT_CONFIG_UPDATE Allows configuring alert settings for a data entity (e. g. backwards incompatible schema change alert, failed data quality test, failed job, distribution anomaly) and the time period to disable notifications.

  • DATA_ENTITY_ALERT_RESOLVE Allows to resolve alerts for data entity;

  • DATA_ENTITY_ATTACHMENT_MANAGE Allows adding, deleting, and managing file attachments and links for a data entity;

  • DATA_ENTITY_CUSTOM_METADATA_CREATE Allows to create custom metadata for data entity;

  • DATA_ENTITY_CUSTOM_METADATA_DELETE Allows to delete custom metadata for data entity;

  • DATA_ENTITY_CUSTOM_METADATA_UPDATE Allows to edit custom metadata for data entity;

  • DATA_ENTITY_DELETE_FROM_GROUP Allows to remove data entity from manually created group;

  • DATA_ENTITY_DELETE_TERM Allows to remove term from data entity;

  • DATA_ENTITY_DESCRIPTION_UPDATE Allows to edit/delete data entity's custom description;

  • DATA_ENTITY_GROUP_UPDATE Allows to edit manually created data entity group;

  • DATA_ENTITY_INTERNAL_NAME_UPDATE Allows to edit/delete data entity's business name;

  • DATA_ENTITY_OWNERSHIP_CREATE Allows to create ownership for data entity;

  • DATA_ENTITY_OWNERSHIP_DELETE Allows to delete ownership for data entity;

  • DATA_ENTITY_OWNERSHIP_UPDATE Allows to edit title for data entity ownership;

  • DATA_ENTITY_STATUS_UPDATE Allows changing the lifecycle status of a data entity (e.g., stable, deprecated, deleted, draft, unassigned);

  • DATA_ENTITY_TAGS_UPDATE Allows to edit data entity's tags;

  • DATASET_FIELD_ADD_TERM Allows linking a business glossary term to a specific field within a dataset;

  • DATASET_FIELD_DELETE_TERM Allows removing a linked business glossary term from a specific field within a dataset;

  • DATASET_FIELD_DESCRIPTION_UPDATE Allows editing the description of an individual dataset's field;

  • DATASET_FIELD_ENUMS_UPDATE Allows to edit dataset's enum values;

  • DATASET_FIELD_INTERNAL_NAME_UPDATE Allows editing the business name of an individual dataset field;

  • DATASET_FIELD_TAGS_UPDATE Allows adding or removing tags from an individual dataset field;

  • DATASET_TEST_RUN_SET_SEVERITY Allows to set severity for dataset's quality tests;

  • QUERY_EXAMPLE_DATASET_CREATE Allows to create a link between dataset and query example;

  • QUERY_EXAMPLE_DATASET_DELETE Allows to unlink query example and dataset.

Term permissions

  • QUERY_EXAMPLE_TERM_CREATE Allows to create a link between a query example and a term;

  • QUERY_EXAMPLE_TERM_DELETE Allows to unlink a query example and a term;

  • TERM_DELETE Allows deleting a term from the business glossary;

  • TERM_OWNERSHIP_CREATE Allows to create ownership for a term;

  • TERM_OWNERSHIP_DELETE Allows to delete ownership for a term;

  • TERM_OWNERSHIP_UPDATE Allows editing the title for a term's ownership;

  • TERM_TAGS_UPDATE Allows to edit tags for a term;

  • TERM_UPDATE Allows editing the name, namespace, and definition for a term.

Query Example permissions

  • QUERY_EXAMPLE_CREATE Allows to create a query example;

  • QUERY_EXAMPLE_DELETE Allows to delete a query example;

  • QUERY_EXAMPLE_UPDATE Allows to edit a query example.

Management permissions

  • COLLECTOR_CREATE. Allows registering a new metadata collector;

  • COLLECTOR_DELETE. Allows deleting a collector;

  • COLLECTOR_TOKEN_REGENERATE. Allows regenerating the security token for a collector;

  • COLLECTOR_UPDATE. Allows editing a collector's configuration;

  • DATA_ENTITY_GROUP_CREATE. Allows creating a new data entity group;

  • DATA_SOURCE_CREATE. Allows creating a new data source connection;

  • DATA_SOURCE_DELETE. Allows deleting a data source;

  • DATA_SOURCE_TOKEN_REGENERATE. Allows regenerating the security token for a data source;

  • DATA_SOURCE_UPDATE. Allows editing an existing data source's configuration;

  • DIRECT_OWNER_SYNC. Allows associating a user with an owner without an approval request;

  • LOOKUP_TABLE_CREATE. Allows creating a lookup table;

  • LOOKUP_TABLE_DATA_CREATE. Allows adding data rows to a lookup table;

  • LOOKUP_TABLE_DATA_DELETE. Allows deleting data rows from a lookup table;

  • LOOKUP_TABLE_DATA_UPDATE. Allows editing data rows in a lookup table;

  • LOOKUP_TABLE_DEFINITION_CREATE. Allows defining the structure (columns) of a lookup table;

  • LOOKUP_TABLE_DEFINITION_DELETE. Allows deleting the structure (columns) of a lookup table;

  • LOOKUP_TABLE_DEFINITION_UPDATE. Allows modifying the structure (columns) of a lookup table;

  • LOOKUP_TABLE_DELETE. Allows deleting a lookup table;

  • LOOKUP_TABLE_UPDATE. Allows editing the name and description of a lookup table;

  • NAMESPACE_CREATE. Allows creating a new namespace;

  • NAMESPACE_DELETE. Allows deleting a namespace;

  • NAMESPACE_UPDATE. Allows editing an existing namespace;

  • OWNER_ASSOCIATION_MANAGE. Allows approving or denying user-owner association requests (for more details please check User-owner association section);

  • OWNER_CREATE. Allows creating a new owner entity;

  • OWNER_DELETE. Allows deleting an owner;

  • OWNER_RELATION_MANAGE. Allows accepting or declining ownership association requests;

  • OWNER_UPDATE. Allows editing an existing owner;

  • POLICY_CREATE. Allows creating a new access policy;

  • POLICY_DELETE. Allows deleting an access policy;

  • POLICY_UPDATE. Allows editing an existing access policy;

  • ROLE_CREATE. Allows creating a new user role;

  • ROLE_DELETE. Allows deleting a user role;

  • ROLE_UPDATE. Allows editing an existing user role;

  • TAG_CREATE. Allows creating a new tag;

  • TAG_DELETE. Allows deleting a tag;

  • TAG_UPDATE. Allows editing an existing tag;

  • TERM_CREATE. Allows creating a new term in the business glossary.

Comprehensive Permissions

  • ALL Includes all permissions above.

PreviousPoliciesNextRoles

Last updated