Permissions

A breakdown of the policies assigned to roles is listed below. Refer to Polices for all permissions included in each policy.

RolePoliciesDescription

AccessAdmin

IAMFullAccess

Provides permission to manage and edit access control. Does not provide access to create or update any entity.

DataAdmin

ClusterFullAccess CatalogFullAccess

Provides permission to create, edit, delete, or refresh all clusters & catalogs in their assigned workspaces.

WorkspaceAdmin

WorkspaceFullAccess CatalogReadAccess

ClusterReadAccess

Provides permission to enable, disable, create, update, and delete all workspaces; and to view catalogs & clusters. Provides read-only permission for cluster connectivity details.

WorkspaceManager

WorkspaceManagerAccess CatalogReadAccess

ClusterReadAccess

Provides permission to enable, disable, create, and update assigned workspaces; and to view catalogs & clusters in assigned workspaces. Provides read-only permission for cluster connectivity details.

CatalogAdmin

CatalogFullAccess

Provides privileges to run queries in assigned clusters via the native query editor. Data Administrators can also create, edit, delete, or refresh all clusters & catalogs in their assigned workspaces.

CatalogManager

CatalogManagerAccess

Provides permission to get, list, edit and refresh catalogs based on assigned workspaces.

ClusterAdmin

ClusterFullAccess

Provides privileges to manage and edit assigned clusters. Does not provide access to query any data.

ClusterManager

ClusterManagerAccess

Provides permission to get, list and update clusters based on assigned workspaces. Allows access to cluster connectivity details.

DataAnalsyt

QueryEditorManagerAccess

CatalogReadAccess

ClusterReadAccess WorkspaceListAccess

Provides access to the e6data Query Editor but cannot download query results. Provides read-only permission for cluster connectivity details, cluster suspension and resumption operations, and catalog refresh option.

Please be sure to use it cautiously, as it provides access to read potentially sensitive data.

This role is not assigned to any user by default, including SuperAdmin.

QueryHistoryView

QueryHistoryFullAccess

CatalogReadAccess

ClusterReadAccess

WorkspaceListAccess WorkspaceGetAccess

Provides access to view the Query History of all users in the workspace.

Provides read-only permission for cluster connectivity details. Please use it cautiously, as it provides access to potentially sensitive data. This role is not assigned to any user by default, except for the Super Admin.

DataExport

QueryEditorFullAccess CatalogReadAccess

ClusterReadAccess WorkspaceListAccess

Provides access to use the e6data Query Editor and download query results. Provides read-only permission for cluster connectivity details, cluster suspension and resumption operations, and catalog refresh option.

Please be sure to use it cautiously, as it provides access to read potentially sensitive data.

This role is not assigned to any user by default, including SuperAdmin.

Last updated

#930: Cross account hive GCP

Change request updated