ODD Platform
  • Overview
  • Architecture
  • ODDRN
  • Features
  • Use cases
    • Data compliance for Data Scientists
    • Deprecation for Data Engineer \ Analyst
    • Visibility for Data Quality Engineer
    • Data preparation for Visualization Engineer
    • Service Provider and Pre-Sales
  • Configuration and Deployment
    • Try locally
    • Deploy to Amazon Elastic Kubernetes Service (EKS)
    • Configure ODD Platform
    • Enable security
      • Authentication
        • Disabled authentication
        • Login form
        • OAUTH2/OIDC
        • LDAP
      • Authorization
        • Policies
        • Permissions
        • Roles
        • Owners
        • User-owner association
  • Developer Guides
    • API Reference
    • How to contribute
    • GitHub organization overview
    • Build and run
      • Build and run ODD Platform
      • Build and run ODD Collectors
Powered by GitBook
On this page
Edit on GitHub
  1. Configuration and Deployment
  2. Enable security
  3. Authorization

Roles

Role is useful for combining multiple policies together. There are 2 type of roles in ODD Platform:

  • User roles

  • Owner roles

User roles

There are 2 user roles:

  • USER - regular user which don't have any permissions by default

  • ADMIN - administrator, who has all permissions

User role is defined via properties, when you configure Authentication method. (e.g. admin groups for AWS Cognito or admin team in GitHub). If user matches admin condition he will have ADMIN role, otherwise he will be assigned USER role.

Owner roles

Owner roles can be managed in ODD Platform via Management - Roles section. As the name implies, these roles are assigned to Owners, not to users.

When user is associated with owner (please check User-owner associationsection for more details) he will inherit owner roles, ignoring previously assigned user roles, e.g. user was logged in and got ADMIN role. After that he associated himself with owner, which has Data Engineer role. He will lose his admin priviligies and have Data engineer role.

Be careful and don't associate user with admin role with non-admin owner. You need to create owner with admin role first and then associate your admin user with this owner.

PreviousPermissionsNextOwners

Last updated 2 years ago