Skip to main content

Assets Access Control

On any database, schema, or dashboard folder, admins can manage who can access it in Catalog using the Manage access interface:

Manage access interface for databases and schemas

Tables Access Control

  1. Navigate to your database or schema page through the left menu

    Database or schema page in the left menu

  2. Click the top right corner button Manage access

    Manage access button location

  3. Then select the teams that should have access to the data set

    Team selection for data set access

Dashboards Access Control

  1. Navigate to your dashboard folder page through the left menu
  2. Click the top right corner button Manage access
  3. Then select the teams that should have access to this folder and its subfolders
Dashboard folder access control

How Does It Work

Set the teams that should have access to the tables or dashboards in this data set or folder. Then any user needs to be in at least one of those teams to be able to see and access the data set and its tables.

For instance, any member of the HR or Sales team can access this data set's tables:

Example of HR and Sales team access to a data set
Admin Access

Admins will always have access to everything that is in Catalog, regardless of the access settings.

By default, any new data set or folder is accessible to anyone in the company. When a data set or folder access is given to only a few teams, any new asset in this perimeter will inherit the access parameters.

Restricted Assets in Lineage

Restricted assets will still appear in lineage graphs but with restricted access.

Hierarchical Data Sets Interaction

Admins can define access rights at different levels in their stack, for instance at database and schema level.

Child Overrides Parent

In short, a child data set or subfolder access configuration will override its parent's.

The behavior is the following:

  • By default a child data set (a schema here) will inherit the parent configuration. For example, if the Sales team is the only one that can see the database assets, the child schema inherits it:

    Child schema inheriting database access

  • You can then choose to modify this configuration which will override the database access rights. Here all the members of the frontend team and the sales team will access the assets in the schema.

    Database Level Restriction

    They will not be able to consult assets of other schemas because of the database level restriction.

    Schema-level access override

  • You can also completely remove the inherited team from the schema access rights, which will hide its assets from this team. For instance:

    • The Frontend team will see the schema assets but nothing else from this database.

    • The Sales team (that is the only one that has access to this database assets) will be blind to this given schema assets but will see all the other database assets.

      Schema access removal example