User Roles and Permissions
Your user role and permissions determine your access to resources and functionality.
The combination of your user role and permissions for shared resources determine your access to resources and functionality in Tamr Cloud. Resources include data products, publishing destinations, and connections to cloud storage locations.
Your role determines the functionality you can access by default and your ability to create new resources.
Your permissions for resources shared with you determine the actions you can perform on those resources, regardless of your role.
User Roles
Tamr provides three user roles: admin, author, and data citizen.
Admins have full access to all Tamr Cloud functionality and resources. They can fully manage all data products, publishing destinations, and connections.
Authors have access to most Tamr Cloud functionality. Authors can fully manage the resources that they create (data products, publishing connections, and destinations). For shared resources, an author's permissions depend on the permission level assigned to them for that resource.
Data Citizens have access only to Studio by default, and cannot create new data products, publishing destinations, or connections. For shared resources, a data citizen's permissions depend on the permission level assigned to them for that resource.
The table below summarizes default menu options for each role:
Menu Option | Data Citizen | Author | Admin |
---|---|---|---|
Studio | Yes | Yes | Yes |
Designer | No | Yes | Yes |
Curator | No | Yes | Yes |
Publish | No | Yes | Yes |
Admin > Connections | No | Yes | Yes |
Admin > Sources | No | Yes | Yes |
Admin > Jobs | No | Yes | Yes |
Admin > Users | No | No | Yes |
Admin > Scheduler | No | No | Yes |
Admin > API Keys | No | No | Yes |
The following table summarizes which roles can add new resources:
Function | Data Citizen | Author | Admin |
---|---|---|---|
Add Entity Type | No | Yes | Yes |
Add Connection | No | Yes | Yes |
Add Source | No | Yes | Yes |
Add Publishing Destination | No | Yes | Yes |
Permissions for Shared Resources
You can share data products, publishing destinations, sources, and connections with other users. When you share a resource with another user, you select the user's permissions for that resource. You can give other users permissions at your permission level or lower.
Examples:
- If you have editor permissions for a data product, you can give others editor, curator, publisher, or viewer permissions for that data product.
- If you have publisher permissions for a data product, you can give others publisher or viewer permissions for that data product.
Shared Data Product Permissions
Share a data product from Studio.
Tamr Cloud provides five permission levels for shared data products, described in the table below.
When you share a data product with another user, that user gets viewer permissions for related sources and connections.
Ownership cannot be changed through permissions.
Resource Permissions | Viewer | Publisher | Curator | Editor | Owner |
---|---|---|---|---|---|
View in Studio | Yes | Yes | Yes | Yes | Yes |
View in Publish | No | Yes | Yes | Yes | Yes |
Publish | No | Yes | Yes | Yes | Yes |
View in Curator | No | No | Yes | Yes | Yes |
Curate | No | No | Yes | Yes | Yes |
View in Designer | No | No | No | Yes | Yes |
Edit and Run Mastering Flow | No | No | No | Yes | Yes |
Save a Copy | No | No | No | Yes | Yes |
Delete | No | No | No | No | Yes |
Share Options | Viewer | Viewer Publisher | Viewer Publisher Curator | Viewer Publisher Curator Editor | Viewer Publisher Curator Editor |
Shared Source, Connection, and Publishing Destination Permissions
Share a connection from Admin > Connections. Share a source from Admin > Sources. Share a publishing destination for a data product from Publish.
Tamr Cloud provides three permission levels for shared connections and publishing destination, described in the table below.
When you share a source with another user, the user gets viewer permissions for related connections.
Important: If you delete a source, or unshare it from a certain user, that user will still have access to any dependent shared connections. This is because sharing a source with a user also shares its connection with viewer permissions.
Ownership cannot be changed through permissions.
Resource Permission | Viewer | Editor | Owner |
---|---|---|---|
View | Yes | Yes | Yes |
Edit | No | Yes | Yes |
Delete | No | No | Yes |
Share Options | Viewer | Viewer Editor | Viewer Editor |
Updated 8 days ago