User Roles and Permissions

Your user role and permissions determine your access to resources and functionality.

The combination of your user role and permissions for shared resources determine your access to resources and functionality in Tamr Cloud. Resources include data products, publish destinations, and connections to cloud storage locations.

Your role determines the functionality you can access by default and your ability to create new resources.

Your permissions for resources shared with you determine the actions you can perform on those resources, regardless of your role.

User Roles

Tamr provides three user roles: admin, author, and data citizen.

Admins have full access to all Tamr Cloud functionality and resources. They can fully manage all data products, publish destinations, and connections.

Authors have access to most Tamr Cloud functionality. Authors can fully manage the resources that they create (data products, connections, and publish destinations). For shared resources, an author's permissions depend on the permission level assigned to them for that resource.

Data Citizens only have access to view mastered data in Curator by default, and cannot create new data products, publish destinations, or connections. For shared resources, a data citizen's permissions depend on the permission level assigned to them for that resource.

The table below summarizes default menu options for each role:

Menu OptionData CitizenAuthorAdmin
Designer
(and Configure Flow tab in Curator)
NoYesYes
CuratorYes (read-only)YesYes
Admin > ConnectionsNoYesYes
Admin > SourcesNoYesYes
Admin > JobsNoYesYes
Admin > UsersNoNoYes
Admin > SchedulerNoNoYes
Admin > API KeysNoNoYes

The following table summarizes which roles can add new resources:

FunctionData CitizenAuthorAdmin
Add Data ProductNoYesYes
Add ConnectionNoYesYes
Add SourceNoYesYes
Add Publish DestinationNoYesYes

Permissions for Shared Resources

You can share data products, publish destinations, sources, and connections with other users. When you share a resource with another user, you select the user's permissions for that resource. You can give other users permissions at your permission level or lower.

Examples:

  • If you have editor permissions for a data product, you can give others editor, curator, publisher, or viewer permissions for that data product.
  • If you have publisher permissions for a data product, you can give others publisher or viewer permissions for that data product.

Shared Data Product Permissions

Share a data product from the Home page. See Managing a Data Product.

Tamr Cloud provides five permission levels for shared data products, described in the table below.

When you share a data product with another user, that user gets viewer permissions for related sources and connections.

Ownership cannot be changed through permissions.

Resource PermissionsViewerPublisherCuratorEditorOwner
Publish DatasetsNoYesYesYesYes
View in CuratorYesYesYesYesYes
Curate DataNoNoYesYesYes
View, Edit, and Run Mastering FlowNoNoNoYesYes
Save a CopyNoNoNoYesYes
DeleteNoNoNoNoYes
Share OptionsViewerViewer
Publisher
Viewer
Publisher
Curator
Viewer
Publisher
Curator
Editor
Viewer
Publisher
Curator
Editor

Shared Source, Connection, and Publish Destination Permissions

Share a connection from Admin > Connections. Share a source from Admin > Sources. Share a publish destination for a data product from Curator > Publish.

Tamr Cloud provides three permission levels for shared connections and publish destinations, described in the table below.

When you share a source with another user, the user is also given viewer permissions for related connections.

important Important: If you delete a source, or unshare it from a certain user, that user will still have access to any dependent shared connections. This is because sharing a source with a user also shares its connection with viewer permissions.

Ownership cannot be changed through permissions.

Resource PermissionViewerEditorOwner
ViewYesYesYes
EditNoYesYes
DeleteNoNoYes
Share OptionsViewerViewer
Editor
Viewer
Editor