Roles
Welcome to the documentation for Roles! This document aims to provide a comprehensive guide to understanding roles within the data plane.
The system initially generates some roles with full permissions. Users can create a new role or duplicate an existing role from the role list.
Role create
Let's create a new role (with an Admin account) and assign it to a user. The role create page contains the following inputs:
- Name
- Description
- Permissions, covering areas such as Lakehouse, Spark Connect, Spark Jobs, Jupyter Notebook, Data Governance, Settings, Secrets.
Permissions Overview
Each permission includes the following access levels:
- Can List: Grants permission to view a list of resources.
- Can Create: Provides permission to create new resources.
- Can Manage: Offers the ability to edit, remove, or manage select or all resources. This includes the option to Start and Terminate the Lakehouse.
- Can View: Allows users to view detailed information about a resource.
- Can Attach: Grants permission to attach roles to users, roles to groups, users to groups, etc.
To activate a specific access item, simply check the related checkbox. The default setting is (All) for each access item. However, you can customize options for everything except View and Manage as needed.
Assign role
After creating a role, go to the user list and click on a user to whom you want to assign the role. First, remove any existing roles added by the system. Then, click the Assign Role button and choose the role we created.
Groups can have roles assigned, and all users in a group automatically inherit the group's role.
Result
After being assigned the role, log in to the current user account. Navigate to the lakehouse list and click on test-lakehouse.
You can view the lakehouse, but you can't manage it.
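The behaviour described above (group inheritance, removing system-generated roles before assigning a restricted one, and the view-but-not-manage result) can be checked with a small local model. This is an added example, not the product's code or API; the data shapes, the names system-full, lakehouse-viewer, analysts, alice and bob, and the rule that grants from several roles add up are assumptions.

```python
# Added illustration: a local model of the role scheme on this page.
# Not the product's API. Assumption: grants from several roles add up.
from dataclasses import dataclass, field

ALL = "*"  # stands for the "(All)" default scope of an access item

@dataclass
class Role:
    name: str
    grants: dict  # (area, access level) -> set of resource names, or {ALL}
    system_generated: bool = False

@dataclass
class User:
    name: str
    roles: list = field(default_factory=list)
    groups: list = field(default_factory=list)

def effective_roles(user, group_roles):
    """Direct roles plus roles inherited from every group the user is in."""
    inherited = [r for g in user.groups for r in group_roles.get(g, [])]
    return list(user.roles) + inherited

def is_allowed(user, group_roles, area, level, resource):
    """True if any effective role grants `level` on `resource` in `area`."""
    for role in effective_roles(user, group_roles):
        scope = role.grants.get((area, level), set())
        if ALL in scope or resource in scope:
            return True
    return False

def leftover_system_roles(user, group_roles):
    """System-generated roles still reaching the user, directly or via a group."""
    return [r.name for r in effective_roles(user, group_roles) if r.system_generated]

# Constructed sample data (all names are hypothetical).
LEVELS = ("List", "Create", "Manage", "View", "Attach")
SYSTEM_FULL = Role("system-full", {("Lakehouse", lv): {ALL} for lv in LEVELS}, True)
VIEWER = Role("lakehouse-viewer", {("Lakehouse", "List"): {"test-lakehouse"},
                                   ("Lakehouse", "View"): {ALL}})
GROUP_ROLES = {"analysts": [SYSTEM_FULL]}
clean = User("alice", roles=[VIEWER])
risky = User("bob", roles=[VIEWER], groups=["analysts"])

if __name__ == "__main__":
    for u in (clean, risky):
        manage = is_allowed(u, GROUP_ROLES, "Lakehouse", "Manage", "test-lakehouse")
        print(u.name, "manage:", manage, "system roles:", leftover_system_roles(u, GROUP_ROLES))
```

In this model bob holds the same restricted role as alice but can still manage test-lakehouse through the group, so leftover system-generated roles need checking on groups as well as on users.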