# Permissions

A breakdown of the policies assigned to roles is listed below. Refer to [Polices ](https://docs.e6data.com/product-documentation/~/revisions/W5MExJCuvHiG1ioEcgOy/access-control/roles/policies)for all permissions included in each policy.

<table><thead><tr><th width="200.33333333333331">Role</th><th width="242">Policies</th><th>Description</th></tr></thead><tbody><tr><td>AccessAdmin</td><td>IAMFullAccess</td><td>Provides permission to manage and edit access control. Does not provide access to create or update any entity.</td></tr><tr><td>DataAdmin</td><td>ClusterFullAccess<br>CatalogFullAccess</td><td>Provides permission to create, edit, delete, or refresh all clusters &#x26; catalogs in their assigned workspaces.</td></tr><tr><td>WorkspaceAdmin</td><td><p>WorkspaceFullAccess<br>CatalogReadAccess</p><p>ClusterReadAccess</p></td><td>Provides permission to enable, disable, create, update, and delete all workspaces; and to view catalogs &#x26; clusters.<br>Provides read-only permission for cluster connectivity details.</td></tr><tr><td>WorkspaceManager</td><td><p>WorkspaceManagerAccess<br>CatalogReadAccess</p><p>ClusterReadAccess</p></td><td>Provides permission to enable, disable, create, and update assigned workspaces; and to view catalogs &#x26; clusters in assigned workspaces.<br>Provides read-only permission for cluster connectivity details.</td></tr><tr><td>CatalogAdmin</td><td>CatalogFullAccess</td><td>Provides privileges to run queries in assigned clusters via the native query editor. Data Administrators can also create, edit, delete, or refresh all clusters &#x26; catalogs in their assigned workspaces.</td></tr><tr><td>CatalogManager</td><td>CatalogManagerAccess</td><td>Provides permission to get, list, edit and refresh catalogs based on assigned workspaces.</td></tr><tr><td>ClusterAdmin</td><td>ClusterFullAccess</td><td>Provides privileges to manage and edit assigned clusters. Does not provide access to query any data.</td></tr><tr><td>ClusterManager</td><td>ClusterManagerAccess</td><td>Provides permission to get, list and update clusters based on assigned workspaces. Allows access to cluster connectivity details.</td></tr><tr><td>DataAnalsyt</td><td><p>QueryEditorManagerAccess</p><p>CatalogReadAccess</p><p>ClusterReadAccess<br>WorkspaceListAccess</p></td><td><p>Provides access to the e6data Query Editor but cannot download query results. <br>Provides read-only permission for cluster connectivity details, cluster suspension and resumption operations, and catalog refresh option.</p><p><em><strong>Please be sure to use it cautiously, as it provides access to read potentially sensitive data.</strong></em></p><p><em><strong>This role is not assigned to any user by default, including SuperAdmin.</strong></em></p></td></tr><tr><td>QueryHistoryView</td><td><p></p><p>QueryHistoryFullAccess</p><p>CatalogReadAccess</p><p>ClusterReadAccess</p><p>WorkspaceListAccess<br>WorkspaceGetAccess</p></td><td><p>Provides access to view the Query History of all users in the workspace. </p><p>Provides read-only permission for cluster connectivity details. <br><em><strong>Please use it cautiously, as it provides access to potentially sensitive data.</strong></em><br><em><strong>This role is not assigned to any user by default, except for the Super Admin.</strong></em></p></td></tr><tr><td>DataExport</td><td><p>QueryEditorFullAccess<br>CatalogReadAccess</p><p>ClusterReadAccess<br>WorkspaceListAccess</p></td><td><p>Provides access to use the e6data Query Editor and download query results. <br>Provides read-only permission for cluster connectivity details, cluster suspension and resumption operations, and catalog refresh option.</p><p><em><strong>Please be sure to use it cautiously, as it provides access to read potentially sensitive data.</strong></em></p><p><em><strong>This role is not assigned to any user by default, including SuperAdmin.</strong></em></p></td></tr></tbody></table>