Access Control
On the Workspace page, you can control data access control, and manage data viewing, computing, output, sharing, etc.. The roles are divided into Owner
, Data Steward
and Data Consumer
.
Owner
is the workspace owner with the highest authority in the workspace, usually the department head or project leader in the enterprise.Data Analyst
is a role who can create and process data in the workspace and share it with other users, usually data analysts and scientists in the enterprise.Data Consumer
is a data power user who can only access the data authorized by theOwner
orData Analyst
, usually a domain application expert in the enterprise.
Take the following picture as an example, the project supervisor acts as Owner
to control which team members to add to the workspace and can grasp the resource constraints in the workspace; the data team works as Data Analyst
to pull data from data sources into the workspace use, and collect and process the data; the operation team, as Data Consumer
, can only access the data organized by the data team and apply it to the BI tool.
Role Permissions
Owner (workspace owner) | Data Analyst (data analyst) | Data Consumer (data user) | |
---|---|---|---|
Add/Delete Workspace | ✅ | ⛔ | ⛔ |
Set the permission role of the workspace | ✅ | ⛔ | ⛔ |
Set Workspace Resource Limitation (Network/ Resource Limitation) | ✅ | ⛔ | ⛔ |
Create materials from sources or other workspaces (Table/ View / Materialized View/ share table) | ✅ | ✅ | ⛔ |
Set Semantic Layer (marking specific data as Semantic means that all members of the workspace can use the data) | ✅ | ✅ | ⛔ |
Set the Metadata of the data used in the workspace | ✅ | ✅ | (read-only) |
Materials created in the application workspace | ✅ | ✅ | (only materials marked as Semantic can be used) |
SQL Editor Features | ✅ | ✅ | ✅ |
Data Push | ✅ | ✅ | ✅ |
Apply Data Policy | ✅ | ⛔ (Authorized by Workspace Owner) | ⛔ (Authorized by Workspace Owner) |
Create Data Service | ✅ | ⛔ (Authorized by Workspace Owner) | ⛔ (Authorized by Workspace Owner) |
Setting Tableau Publish Permission | ✅ | ⛔ (Authorized by Workspace Owner) | ⛔ (Authorized by Workspace Owner) |
For example User A is assigned Data Analyst
, and Group A, to which User A belongs, is assigned Data Consumer
When the authority is set repeatedly, the greater rule will prevail, so in this situation, the authority of User A is Data Analyst
Set role permissions
Step 1: Enter the Access Control page
Go to the workspace and switch to the Access Control page.
Step 2: Select the permission role
Click on the Assign Roles
button.
Click Role to expand the drop-down menu, where you can set the permission role as Data Analyst or Data Consumer.
Step 3: Select needed permissions
Data Service permission
Once checked, users will be able to use the Data Service functionality in the workspace to create custom APIs.
Tableau Publish Management Permission
When checked, users can create and delete Tableau Publish and edit all Tableau Publish fields.
Data Policy Permission
When checked, users can apply Data Policy to data columns in the workspace.
Step 3: Complete the setup
After clicking Submit to send, you can see the set permission roles on the screen.