The combination of your user role and permissions for shared resources determine your access to resources and functionality in Tamr Cloud. Resources include data products, publish destinations, and connections to cloud storage locations.

Your role determines the functionality you can access by default and your ability to create new resources.

Your permissions for resources shared with you determine the actions you can perform on those resources, regardless of your role.

User Roles

Tamr provides three user roles: admin, author, and data citizen.

Admins have full access to all Tamr Cloud functionality and resources. They can fully manage all data products, publish destinations, and connections.

Authors have access to most Tamr Cloud functionality. Authors can fully manage the resources that they create (data products, connections, and publish destinations). For shared resources, an author's permissions depend on the permission level assigned to them for that resource.

Data Citizens only have access to view mastered data in Curator by default, and cannot create new data products, publish destinations, or connections. For shared resources, a data citizen's permissions depend on the permission level assigned to them for that resource.

The table below summarizes default menu options for each role:

Menu Option	Data Citizen	Author	Admin
Designer (and Configure Flow tab in Curator)	No	Yes	Yes
Curator	Yes (read-only)	Yes	Yes
Admin > Connections	No	Yes	Yes
Admin > Sources	No	Yes	Yes
Admin > Jobs	No	Yes	Yes
Admin > Users	No	No	Yes
Admin > Scheduler	No	No	Yes
Admin > API Keys	No	No	Yes

The following table summarizes which roles can add new resources:

Function	Data Citizen	Author	Admin
Add Data Product	No	Yes	Yes
Add Connection	No	Yes	Yes
Add Source	No	Yes	Yes
Add Publish Destination	No	Yes	Yes

Permissions for Shared Resources

You can share data products, publish destinations, sources, and connections with other users. When you share a resource with another user, you select the user's permissions for that resource. You can give other users permissions at your permission level or lower.

Examples:

If you have editor permissions for a data product, you can give others editor, curator, publisher, or viewer permissions for that data product.
If you have publisher permissions for a data product, you can give others publisher or viewer permissions for that data product.

Shared Data Product Permissions

Share a data product from the Home page. See Managing a Data Product.

Tamr Cloud provides five permission levels for shared data products, described in the table below.

When you share a data product with another user, that user gets viewer permissions for related sources and connections.

Ownership cannot be changed through permissions.

Resource Permissions	Viewer	Publisher	Curator	Editor	Owner
Publish Datasets	No	Yes	Yes	Yes	Yes
View in Curator	Yes	Yes	Yes	Yes	Yes
Curate Data	No	No	Yes	Yes	Yes
View, Edit, and Run Mastering Flow	No	No	No	Yes	Yes
Save a Copy	No	No	No	Yes	Yes
Delete	No	No	No	No	Yes
Share Options	Viewer	Viewer Publisher	Viewer Publisher Curator	Viewer Publisher Curator Editor	Viewer Publisher Curator Editor

Shared Source, Connection, and Publish Destination Permissions

Share a connection from Admin > Connections. Share a source from Admin > Sources. Share a publish destination for a data product from Curator > Publish.

Tamr Cloud provides three permission levels for shared connections and publish destinations, described in the table below.

When you share a source with another user, the user is also given viewer permissions for related connections.

Important: If you delete a source, or unshare it from a certain user, that user will still have access to any dependent shared connections. This is because sharing a source with a user also shares its connection with viewer permissions.

Ownership cannot be changed through permissions.

Resource Permission	Viewer	Editor	Owner
View	Yes	Yes	Yes
Edit	No	Yes	Yes
Delete	No	No	Yes
Share Options	Viewer	Viewer Editor	Viewer Editor