Every user within Imply can belong to one or more roles. A role is a collection of permissions that the user has access to. Some roles are created by default, but the set of roles can be modified to fit specific use cases.
The roles can be managed from the settings view.
You can edit an individual role and assign different permissions to it.
It is not possible to edit the
super-admin role which permits all actions.
Within a given role you can add and remove permissions that are granted to the users associated with that role. The permissions belonging to a given user is the superset of all the permissions from all the roles assigned to that user.
The possible permissions are:
ManageUsers- grants the ability to create, modify, and delete users. This permission is very powerful because the possessor could just change themselves to be a Super Admin.
ManageClusters- grants the ability to create and terminate clusters. Users without this permission will be taken straight to the visualization interface instead.
ManageDatasets- grants the ability to onboard new data, modify, and delete datasets within Druid.
AdministerDataCubes- grants the ability to see and modify data cubes irrespective of their sharing and access configuration.
AdministerDashboards- grants the ability to see and modify dashboards irrespective of their sharing and access configuration.
ChangeDataCubes- grants the ability to create, modify, and delete data cubes within the access granted via the individual configuration.
ChangeDashboards- grants the ability to create, modify, and delete dashboards within the access granted via the individual configuration.
AccessSQL- grants the ability to access the Run SQL section. Note that users with SQL access can effectively perform arbitrary queries.
AccessVisualization- grants the ability to access the Visualize section.
AccessDataset- grants the ability to access the Data manager section.