User Roles and Permissions
Your user role and permissions determine your access to resources and functionality.
The combination of your user role and permissions for shared resources determine your access to resources and functionality in Tamr Cloud. Resources include data products, publish destinations, and connections to cloud storage locations.
Your role determines the functionality you can access by default and your ability to create new resources.
Your permissions for resources shared with you determine the actions you can perform on those resources, regardless of your role.
User Roles
Tamr provides three user roles: admin, author, and data citizen.
Admins have full access to all Tamr Cloud functionality and resources. They can fully manage all data products, publish destinations, and connections.
Authors have access to most Tamr Cloud functionality. Authors can fully manage the resources that they create (data products, connections, and publish destinations). For shared resources, an author's permissions depend on the permission level assigned to them for that resource.
Data Citizens only have access to view mastered data in Curator by default, and cannot create new data products, publish destinations, or connections. For shared resources, a data citizen's permissions depend on the permission level assigned to them for that resource.
The table below summarizes default menu options for each role:
Menu Option | Data Citizen | Author | Admin |
---|---|---|---|
Designer (and Configure Flow tab in Curator) | No | Yes | Yes |
Curator | Yes (read-only) | Yes | Yes |
Admin > Connections | No | Yes | Yes |
Admin > Sources | No | Yes | Yes |
Admin > Jobs | No | Yes | Yes |
Admin > Users | No | No | Yes |
Admin > Scheduler | No | No | Yes |
Admin > API Keys | No | No | Yes |
The following table summarizes which roles can add new resources:
Function | Data Citizen | Author | Admin |
---|---|---|---|
Add Data Product | No | Yes | Yes |
Add Connection | No | Yes | Yes |
Add Source | No | Yes | Yes |
Add Publish Destination | No | Yes | Yes |
Permissions for Shared Resources
You can share data products, publish destinations, sources, and connections with other users. When you share a resource with another user, you select the user's permissions for that resource. You can give other users permissions at your permission level or lower.
Examples:
- If you have editor permissions for a data product, you can give others editor, curator, publisher, or viewer permissions for that data product.
- If you have publisher permissions for a data product, you can give others publisher or viewer permissions for that data product.
Shared Data Product Permissions
Share a data product from the Home page. See Managing a Data Product.
Tamr Cloud provides five permission levels for shared data products, described in the table below.
When you share a data product with another user, that user gets viewer permissions for related sources and connections.
Ownership cannot be changed through permissions.
Resource Permissions | Viewer | Publisher | Curator | Editor | Owner |
---|---|---|---|---|---|
Publish Datasets | No | Yes | Yes | Yes | Yes |
View in Curator | Yes | Yes | Yes | Yes | Yes |
Curate Data | No | No | Yes | Yes | Yes |
View, Edit, and Run Mastering Flow | No | No | No | Yes | Yes |
Save a Copy | No | No | No | Yes | Yes |
Delete | No | No | No | No | Yes |
Share Options | Viewer | Viewer Publisher | Viewer Publisher Curator | Viewer Publisher Curator Editor | Viewer Publisher Curator Editor |
Shared Source, Connection, and Publish Destination Permissions
Share a connection from Admin > Connections. Share a source from Admin > Sources. Share a publish destination for a data product from Curator > Publish.
Tamr Cloud provides three permission levels for shared connections and publish destinations, described in the table below.
When you share a source with another user, the user is also given viewer permissions for related connections.
Important: If you delete a source, or unshare it from a certain user, that user will still have access to any dependent shared connections. This is because sharing a source with a user also shares its connection with viewer permissions.
Ownership cannot be changed through permissions.
Resource Permission | Viewer | Editor | Owner |
---|---|---|---|
View | Yes | Yes | Yes |
Edit | No | Yes | Yes |
Delete | No | No | Yes |
Share Options | Viewer | Viewer Editor | Viewer Editor |
Updated 27 days ago