Privileges and Roles Reference
Note
This feature may not be available in all product editions. For more information on available features, see Compare Editions.
In the Trifacta Application, you can create and assign roles, each of which consists of one or more privileges. A privilege is a level of access to a type of object.
Below, you can review the available privileges, including the supported levels for each.
For more information on privileges and roles, see Overview of Authorization.
Privileges
Flows
The flows privilege governs access to flow objects.
Access Level | Name | Description |
|---|---|---|
0 | none | Assigned role cannot see or use flows, including the pages where flows are available. |
1 | viewer | Assigned user can access Flows page and Flow View page for flows that the user owns or has been shared. User can also run jobs on the user's own flows. User cannot make changes to any flows. |
2 | editor | All of the above, plus: Assigned user can edit, share, and run jobs on flows to which the user has access. Note By default, editors can also schedule flows. This option can be disabled by an administrator. Tip Flow editors can edit any custom SQL used to import datasets into the flow. |
3 | author | All of the above, plus: Assigned user can create new flows, schedule flows, and delete flows. |
Connections
Note
This feature may not be available in all product editions. For more information on available features, see Compare Editions.
The connections privilege governs access to connection objects.
Access Level | Name | Description |
|---|---|---|
0 | none | Assigned role cannot see or use connections, including the pages where connections are available. |
1 | viewer | Assigned user can access Connections page for connections that the user owns or has been shared. User can share connections. User cannot make changes to any connections. |
2 | editor | All of the above, plus: Assigned user can edit and share connections to which the user has access. |
3 | author | All of the above, plus: Assigned user can create new connections and delete connections. |
Plans
Note
This feature may not be available in all product editions. For more information on available features, see Compare Editions.
The plans privilege manages access to plan objects.
Access Level | Name | Description |
|---|---|---|
0 | none | Assigned role cannot see or use plans, including the pages where plans are available. |
1 | viewer | Assigned user can access Plans page and Plan View page for plans that the user owns or has been shared. User can also run jobs on the user's own plans. User can cancel plan runs. |
2 | editor | All of the above, plus: Assigned user can edit, share, and run jobs on plans to which the user has access. Note By default, editors can also schedule plans. This option can be disabled by an administrator. |
3 | author | All of the above, plus: Assigned user can create new plans, schedule plans, and delete plans. |
User defined functions
The User defined functions privilege manages access to user-defined functions and their UI pages in the application.
Access Level | Name | Description |
|---|---|---|
0 | none | Assigned role cannot see or use UDFs, including the pages where they are available.
|
1 | viewer | Assigned user can access User Defined Functions page and UDFs in them. User can also see and access UDFs through the Transform Builder.
|
2 | editor | All of the above, plus: Assigned user can edit code and signature of UDFs to which the user has access. |
3 | author | All of the above, plus: Assigned user can create new UDFs and delete UDFs owned by the user. Note By default, the |
Standard Platform Roles
The following roles are provided with the product.
Note
The following roles cannot be removed.
default
The default role is assigned to each user when the user is initially created. This role contains the following permissions:
Privilege | Access Level/Name |
|---|---|
Flows | 3 - author |
Connections | 3 - author |
Plans | 3 - author |
User defined functions | 3 - author |
Tip
You can modify the default role if you want to set a lower level of base access for each new user of the product. For more information, see Overview of Authorization.
Dataprep admin
This role provides super-user privileges to the assigned user.
Note
This role enables for the user owner-level access to all objects in the project or workspace and access to all admin-level settings and configuration pages in the admin console. This role should not be assigned to many users. At least one user should always have this role.
Note
The project owner is automatically granted the Dataprep admin role. This role can be assigned to non-project owners. It grants a project user all of the privileges of the project owner within Dataprep by Trifacta. If the Dataprep admin role is un-assigned to a project owner, it is automatically granted back to the project owner on next login.
Note
You cannot modify or delete this role.