›Security

Get started

  • Introduction to Imply Polaris
  • Quickstart
  • Navigate the console
  • Key concepts

Data

  • Overview
  • Introduction to tables
  • Create a schema
  • Batch ingestion
  • Data partitioning
  • Introduction to rollup
  • Replace data
  • Supported data formats

Analytics

  • Overview
  • Manage data cubes
  • Visualize data
  • Dimensions
  • Measures
  • Dashboards
  • Create a dashboard
  • Visualizations reference
  • Query data

Monitoring

  • Overview

Management

  • Overview

Billing

  • Overview
  • Polaris plans
  • Estimate project costs
  • Manage billing and payments

Usage

  • Overview

Security

  • Overview
  • Add users to an organization
  • User roles reference
  • Manage user groups
  • Enable SSO
  • SSO settings reference

Developer guide

  • Overview
  • Authenticate API requests
  • Create a table
  • Get table ID
  • Define a schema
  • Upload files
  • Ingest batch data
  • Push event data
  • Aiven HTTP Connector for Kafka
  • Query data
  • Link to BI tools
  • Connect over JDBC

API reference

  • Overview
  • Reference index
  • Events API
  • Files API
  • Ingestion Jobs API
  • Ingestion Templates API
  • Performance API
  • Query API
  • Tables API
  • Common object definitions

    • Table
    • TableRequest
    • RollupSchema
    • IngestionJobSpec
    • CsvFormatSettings
    • JsonFormatSettings
    • TimestampMapping

Product info

  • Release notes
  • Known limitations

User roles reference

Imply Polaris uses a role-based access control (RBAC) model to manage user access to protected data and resources. It leverages built-in roles in the form of user groups to deliver fine-grained control that allows for varying levels of access.

You can assign individual roles, add users to existing Polaris groups, or create new groups corresponding to the specific roles within your organization. To learn more about groups in Polaris, see User groups.

Predefined roles

Polaris roles determine the resources and the level of access available to users in the context of your organization.

This section lists the predefined roles and their permissions, grouped by category.

Data

  • ManageTables: View table data and modify schema.
  • ViewTables: View table data and schema.
  • ManageFiles: Upload and delete files.
  • ManageIngestionJobs: Start, stop, cancel, and delete an ingestion job.
  • ReadDataSources: Read data using the Query API. This role is automatically assigned to users who have the AccessQueries role.
  • ManageStreams: Stream data into the organization.

Analytics

  • AccessVisualization: View data cubes and dashboards.
  • AdministerDataCubes: View and manage all data cubes irrespective of their sharing and access configuration.
  • ManageDataCubes: Create, duplicate, modify, and delete data cubes within the access granted by their individual configuration.
  • AdministerDashboards: View and manage all dashboards irrespective of their sharing and access configuration.
  • ManageDashboards: Create, modify, and delete dashboards within the access granted by their individual configuration.
  • AccessQueryRawData: View the raw disaggregated data behind a data cube visualization. This permission is independent from the AccessQueries permission. A user without the AccessQueryRawData permission can still query raw data via the SQL tab if they have the AccessQueries permission.
  • AccessDownloadData: Download a limited number of rows for a data cube. The maximum row limit is 5000.
  • AccessDownloadLargeData: Download an unlimited number of rows for a data cube.
  • AccessQueries: Manage the queries within the access granted by their individual configuration. Note that users with SQL access can effectively perform arbitrary queries. Any user with the AccessQueries role also has the ReadDataSources role.
  • AdministerQueries: Create, manage, and view all saved SQL queries.
  • AccessReports: View all reports irrespective of their access configuration.
  • AdministerReports: View and manage all scheduled reports irrespective of their access configuration.
  • ManageReports: Create and manage reports within the access granted by their individual configuration.

Organizational

  • AdministerUsers: Create, modify, and delete users, assign and remove user roles, and view profile information of other users. Users in this role cannot create or modify a user to have more permissions than they have.
  • AdministerClients: View, create, and modify all API clients. This role is required to create and manage secrets for API access.
  • AdministerProjects: View all projects irrespective of their sharing and access configuration.
  • ManageProjects: Create and modify projects. A user in ManageProjects role can set a project's maximum size.

Monitoring

  • AccessAlerts: Access the Alerts tab.
  • AdministerAlerts: View and manage all alert configurations irrespective of their sharing and access configuration.
  • ManageAlerts: Modify alerts within the access granted via the individual configuration.
  • ManageAlertsWebhooks: Configure alerts to send webhook notifications.
  • AccessMetrics: Access the Detailed metrics tab and make changes. No access means that the user cannot view the page.
  • AccessMonitorQueries: Monitor database queries.

Management

  • AccessScaling: View performance pages in read-only mode. Users with the AccessScaling role cannot change the cluster size.
  • AdministerScaling: Make selections that impact performance—for example, change cluster, view usage, view Clarity metrics.
  • AdministerBilling: Manage invoices and credit card information.

Assign a role to a user

To assign a role to an existing user, follow these steps:

  1. In the Polaris console, click the user menu icon located in the top-right corner of the page.
  2. Select User management from the user menu.
  3. Click Users in the left sidebar.
  4. Select the user you want to assign a new role to.
  5. Go to the Role Mappings tab.
  6. Select the role you want to add from the Available Roles list. To select multiple roles, press and hold the Shift key while selecting the roles.
  7. Click Add selected.

For information on how to invite a new user to the organization, see Add a new user.

← Add users to an organizationManage user groups →
  • Predefined roles
    • Data
    • Analytics
    • Organizational
    • Monitoring
    • Management
  • Assign a role to a user
Key links
Try ImplyApache Druid siteImply GitHub
Get help
Stack OverflowSupportContact us
Learn more
BlogApache Druid docs
Copyright © 2022 Imply Data, Inc