Version: v3

Access Control

On the Workspace page, you can control data access control, and manage data viewing, computing, output, sharing, etc.. The roles are divided into Owner, Data Steward and Data Consumer.

Owner is the workspace owner with the highest authority in the workspace, usually the department head or project leader in the enterprise.
Data Analyst is a role who can create and process data in the workspace and share it with other users, usually data analysts and scientists in the enterprise.
Data Consumer is a data power user who can only access the data authorized by the Owner or Data Analyst, usually a domain application expert in the enterprise.

Take the following picture as an example, the project supervisor acts as Owner to control which team members to add to the workspace and can grasp the resource constraints in the workspace; the data team works as Data Analyst to pull data from data sources into the workspace use, and collect and process the data; the operation team, as Data Consumer, can only access the data organized by the data team and apply it to the BI tool.

4_access_control

Role Permissions

	Owner (workspace owner)	Data Analyst (data analyst)	Data Consumer (data user)
Add/Delete Workspace	✅	⛔	⛔
Set the permission role of the workspace	✅	⛔	⛔
Set Workspace Resource Limitation (Network/ Resource Limitation)	✅	⛔	⛔
Create materials from sources or other workspaces (Table/ View / Materialized View/ share table)	✅	✅	⛔
Set Semantic Layer (marking specific data as Semantic means that all members of the workspace can use the data)	✅	✅	⛔
Set the Metadata of the data used in the workspace	✅	✅	(read-only)
Materials created in the application workspace	✅	✅	(only materials marked as Semantic can be used)
SQL Editor Features	✅	✅	✅
Data Push	✅	✅	✅
Apply Data Policy	✅	⛔ (Authorized by Workspace Owner)	⛔ (Authorized by Workspace Owner)
Create Data Service	✅	⛔ (Authorized by Workspace Owner)	⛔ (Authorized by Workspace Owner)
Setting Tableau Publish Permission	✅	⛔ (Authorized by Workspace Owner)	⛔ (Authorized by Workspace Owner)

What if the permission-setting roles of individuals and groups are different?

For example User A is assigned Data Analyst, and Group A, to which User A belongs, is assigned Data Consumer When the authority is set repeatedly, the greater rule will prevail, so in this situation, the authority of User A is Data Analyst

Set role permissions

Step 1: Enter the Access Control page

Go to the workspace and switch to the Access Control page.

1_ws_access_control

Step 2: Select the permission role

Click on the Assign Roles button.

4_ws_access_control

Click Role to expand the drop-down menu, where you can set the permission role as Data Analyst or Data Consumer.

2_ws_access_control

Step 3: Select needed permissions

Data Service permission
Once checked, users will be able to use the Data Service functionality in the workspace to create custom APIs.
Tableau Publish Management Permission
When checked, users can create and delete Tableau Publish and edit all Tableau Publish fields.
Data Policy Permission
When checked, users can apply Data Policy to data columns in the workspace.

5_ws_access_control

Step 3: Complete the setup

After clicking Submit to send, you can see the set permission roles on the screen.

6_ws_access_control

Access Control

Role Permissions​

Set role permissions​

Step 1: Enter the Access Control page​

Step 2: Select the permission role​

Step 3: Select needed permissions​

Step 3: Complete the setup​