Policies

This document lists all the policies available on e6data and their associated permissions:

Connectivity

Policy NamePermissionsDescription

ConnectivityFullAccess

ep:Create

Permission to create an endpoint

ep:Update

Permission to update an endpoint

ep:Delete

Permission to delete an endpoint

ep:Get

Permission to view information about Endpoints.

ep:List

Permission to view the list of assigned Endpoints.

ips:Create

Permission to create an IP Set

ips:Update

Permission to update an IP Set

ips:Delete

Permission to delete an IP Set

ips:Get

Permission to view information about IP Sets.

ips:List

Permission to view the list of assigned IP Sets.

ConnectivityViewAccess

ep:Get

Permission to view information about Endpoints.

ep:List

Permission to view the list of assigned Endpoints.

ips:Get

Permission to view information about IP Sets.

ips:List

Permission to view the list of assigned IP Sets.

Query History

Policy NamePermissionsDescription

QueryHistoryFullAccess

qh:DownloadHistory

Permission to download query history.

qh:ViewAllHistory

Permission to view the query history of all the users.

Query Editor

Policy NamePermissionsDescription

QueryEditorFullAccess

qe:Enable

Permission to access the Query Editor and run queries.

qe:Download

Permission to download query results

QueryEditorManagerAccess

qe:Enable

Permission to access the Query Editor and run queries.

Clusters

Policy NamePermissionsDescription

ClusterFullAccess

cl:*

Includes all the permissions listed below.

ClusterManagerAccess

cl:List

Permission to view the list of assigned clusters.

cl:Get

Permission to view information about assigned clusters.

cl:Update

Permission to update assigned clusters.

cl:Associate

Permission to attach an assigned catalog to an assigned cluster.

cl:Disassociate

Permission to detach an assigned catalog that is already attached to a cluster.

cl:Suspend

Permission to suspend assigned clusters.

cl:Resume

Permission to resume assigned clusters.

ct:List

Permission to view the list of assigned catalogs.

ClusterRunAccess

cl:List

Permission to view the list of assigned clusters.

cl:Get

Permission to view information about assigned clusters.

cl:Suspend

Permission to suspend assigned clusters.

cl:Resume

Permission to resume assigned clusters.

ClusterReadAccess

cl:List

Permission to view the list of assigned clusters.

cl:Get

Permission to view information about assigned clusters.

Catalogs

Policy NamePermissionsDescription

CatalogFullAccess

ct:*

Includes all the permissions listed below.

CatalogManagerAccess

ct:Get

Permission to view information about catalogs.

ct:List

Permission to view the list of assigned catalogs.

ct:Update

Permission to update assigned catalogs.

ct:Refresh

Permission to refresh assigned catalogs.

CatalogReadAccess

ct:Get

Permission to view information about catalogs.

ct:List

Permission to view the list of assigned catalogs.

Workspaces

Policy NamePermissionsDescription

WorkspaceFullAccess

ws:*

Includes all the permissions listed below.

WorkspaceManagerAccess

ws:Update

Permission to update an assigned workspace.

ws:Get

Permission to to view information about assigned workspaces.

ws:List

Permission to view the list of assigned workspaces.

Identity and Access Management (IAM)

Policy NamePermissionsDescription

IAMFullAccess

iam:*

Includes all the permissions listed below.

IAMReadAccess

iam:ListUsers

Permission to view the list of existing users.

iam:ListGroups

Permission to view the list of existing groups.

iam:ListPolicies

Permission to view all existing policies.

iam:ListOperations

Permission to view basic operations.

IAMManagerAccess

iam:UpdateUsers

Permission to update the privileges of any existing user.

iam:UpdateGroups

Permission to update the privileges of any existing group.

Last updated

#930: Cross account hive GCP

Change request updated