This topic describes the permissions for global roles and project roles.
Global role permissions
Super X
Feature area | Global permission | Description |
X-Analysis | View | Grants permission to view the X-Analysis page and use Natural Language Querying. |
X-Data Engineering | View | Grants permission to view X-Data Engineering. |
Intelligent Application Management - Model Configuration and Intelligent Applications | Manage | Grants permission to enable, disable, and edit assistants. |
Grants permission to configure large models for intelligent assistants. | ||
Intelligent Application Management - Operations Management | View Credit Consumption Statistics | Grants permission to view credit consumption on the Credit Consumption Statistics page. |
Intelligent Application Management - Intelligent Analysis Collection | Create | Grants permission to create Intelligent Analysis Collections and Collection Groups. |
Manage | Grants permission to edit and delete Intelligent Analysis Collections and Collection Groups. | |
Enterprise Knowledge Base | View | Grants permission to view accessible knowledge bases and all knowledge within them. |
Manage | Grants permission to create, edit, and delete knowledge bases. | |
Grants permission to create, edit, and delete all knowledge within a knowledge base. |
Data development
Feature area | Permission | Description |
Development | ||
Development | View | View the development module. |
Modify default cluster for resource dashboard | Lets you modify the default display cluster on the O&M > resource dashboard. | |
Tag | ||
Asset marketplace | View | View the asset marketplace. |
View the asset list in the public marketplace. | ||
View details and perform group analysis. (Operations depend on asset visibility. All assets are available in the public marketplace, while only visible assets are available in the private marketplace.) | ||
Workbench | View | View the workbench. (The available operations depend on the project role. Even without this permission, a user can view the workbench after being added to a tag project.) |
Asset application - tag offline service | View | View the list of offline service tasks. |
View offline service task details. | ||
Create an offline service. (Anyone can initiate creation, but successful completion requires permissions from an authorized application.) | ||
Asset application - group offline service | View | View the list of offline service tasks (all tasks under authorized applications). |
View offline service task details. | ||
Create an offline service. (Anyone can initiate creation, but successful completion requires permissions from an authorized application.) | ||
Asset application - application management | View | Create an application. |
Event center - attribute management | View | View the attribute list. |
View attribute details. | ||
Manage | Create an attribute. | |
Edit an attribute. | ||
Delete an attribute. | ||
Event center - event management | View | View the event list. |
View event details. | ||
Manage | Create an event. | |
Edit an event. | ||
Delete an event. | ||
Event center - category management | View | View categories. |
Manage | Create a category. | |
Edit a category. | ||
Delete a category. | ||
Asset governance
Feature area | Global permission | Feature |
Governance | ||
Asset inventory | View | Search for assets |
View asset details | ||
Initiate data profiling | Data table: Initiate data profiling (automatic/manual) | |
Data table: View data profiling records and reports | ||
Data table: Manage data profiling records (view logs, terminate runs, etc.) | ||
Data standard | ||
Data standard / standard set | View | View standard sets you have joined |
View batch operation records | ||
Standard set: View standard sets you have joined | ||
Manage data standards | Data standard: Create a data standard | |
Data standard: Edit a data standard | ||
Data standard: Clone a data standard | ||
Data standard: Publish a data standard | ||
Data standard: Unpublish a data standard | ||
Data standard: Delete a data standard | ||
Data standard: Edit associated standards | ||
Data standard: Edit associated documents | ||
Data standard: Batch import data standards (requires the corresponding permission for standard templates) | ||
Data standard: Batch export data standards (requires the corresponding permission for standard templates) | ||
Data standard: View batch operation record details (requires the permission to view standard template import records) | ||
Standard set: Create a standard | ||
Manage standard set catalog | Standard set catalog: Create a standard set catalog | |
Standard set catalog: Edit a standard set catalog | ||
Standard set catalog: Delete a standard set catalog | ||
Manage standard sets | Standard set: View all standard sets | |
Standard set: Create a standard set | ||
Standard set: Edit a standard set | ||
Standard set: Batch export standards | ||
Standard set: Clone a standard set | ||
Standard set: Delete a standard set | ||
Standard mapping rule | View | Standard mapping rule: View standard mapping rules |
Standard mapping rule: View execution records | ||
Standard mapping rule - Mapping rule: View | ||
Standard mapping rule - Mapping rule: View execution records (scope is determined by accessible standard mapping rules) | ||
Standard mapping rule - Execution record: View standard evaluation details | ||
Manage | Standard mapping rule - Mapping rule: Create a standard mapping rule | |
Standard mapping rule - Mapping rule: Edit a standard mapping rule | ||
Standard mapping rule - Mapping rule: Change the effective status of a rule | ||
Standard mapping rule - Mapping rule: Perform an ad-hoc run | ||
Standard mapping rule - Mapping rule: Delete a standard mapping rule | ||
Standard mapping rule - Mapping rule: View execution logs | ||
Standard mapping rule - Execution record: View execution logs | ||
Mapping relationship | View | Mapping relationship: View all mapping relationships (active and inactive) |
Mapping relationship: View standard evaluation configurations | ||
Mapping relationship: View standard evaluation records | ||
Mapping relationship: View mapping details (active and inactive) | ||
Active mapping: View details | ||
Active mapping: View standard evaluation results | ||
Mapping relationship (active and inactive): View the list of batch import records | ||
Mapping relationship (active and inactive): Batch import | ||
Mapping relationship (active and inactive): Batch export | ||
Manage | Mapping relationship: Edit standard evaluation configurations | |
Mapping relationship - Standard evaluation configuration - View standard evaluation records: View execution logs | ||
Mapping relationship - View details (active mapping) - Configure quality monitoring: View configured data quality rules | ||
Mapping relationship - View details (active mapping) - Configure quality monitoring: Add data quality rules | ||
Mapping relationship - View details (active mapping) - Configure quality monitoring: Edit configured data quality rules | ||
Mapping relationship - View details (active mapping) - Configure quality monitoring: Delete configured data quality rules | ||
Active mapping: Set as inactive | ||
Mapping relationship (active mapping): Configure quality monitoring | ||
Mapping relationship - Active mapping: Remove mapping relationship | ||
Mapping relationship (active and inactive): View batch import record details | ||
Mapping relationship: Remove an inactive mapping relationship | ||
Standard evaluation details | View | View public standard evaluation details (standard view, asset object view) |
Standard evaluation details (standard view, asset object details): View mapping details | ||
Standard mapping execution records | View | Standard mapping execution records: View all execution records |
Standard mapping execution records: View mapping details and execution logs | ||
Code table | View | Code table: View code tables |
Code table: View code table details | ||
Code table: View batch import records | ||
Code table: View the list of batch export records | ||
Code table: View code table references | ||
Code table: View the code table catalog | ||
Code table: Batch export | ||
Manage code table catalog | Code table catalog: Create a code table catalog | |
Code table catalog: Edit a code table catalog | ||
Code table catalog: Delete a code table catalog | ||
Manage code tables | Code table: Create a code table | |
Code table: Edit a code table | ||
Code table: Batch import | ||
Code table: View batch import record details | ||
Code table: Download a batch export file | ||
Code table: Delete a code table | ||
Root word | View | Root word: View root words |
Root word: View batch operation records | ||
Root word: Batch export root words | ||
Manage | Root word: Create a root word | |
Root word: Batch import root words | ||
Root word: Edit a root word | ||
Root word: Delete a root word | ||
Root word: View batch operation record details | ||
Standard document | View | Standard document: View standard documents |
Standard document: Preview a standard document online (PDF only) | ||
Standard document: View associated standards | ||
Standard document catalog: View the standard document catalog | ||
Manage standard document catalog | Standard document catalog: Create a standard document catalog | |
Standard document catalog: Edit a standard document catalog | ||
Standard document catalog: Delete a standard document catalog | ||
Manage standard documents | Standard document: Upload a standard document | |
Standard document: Edit a standard document | ||
Standard document: Move a standard document | ||
Standard document: Download a standard document | ||
Standard document: Delete a standard document | ||
Common standard attribute | View | Common standard attribute: View the list of common standard attributes |
Common standard attribute - System attribute: View details | ||
Manage | Common standard attribute - Custom attribute: Create an attribute | |
Common standard attribute - Custom attribute: View details | ||
Common standard attribute - Custom attribute: Edit | ||
Common standard attribute - Custom attribute: Clone | ||
Common standard attribute - Custom attribute: Delete | ||
Standard template | View | Standard template: View the list of standard templates |
Standard template: View standard template details | ||
Manage | Standard template: Create a standard template | |
Standard template: Edit a standard template | ||
Standard template: Delete a standard template | ||
Identification pattern | View | Identification pattern: View the list of identification patterns |
Identification pattern: View identification pattern details | ||
Manage | Identification pattern: Configure pattern scan Note This permission is independent of the Rule Execution Configuration permission under Asset security. You can use either permission to modify the pattern scan configuration. | |
Identification pattern: Create an identification pattern | ||
Identification pattern: Edit an identification pattern | ||
Identification pattern: Clone an identification pattern | ||
Identification pattern: Delete an identification pattern | ||
Quality | ||
Quality dashboard | View | Quality dashboard: View |
Validation records | View | Personal view: Current account |
Project view: Projects you have joined | ||
View validation details | ||
Validation details: View rule validation details | ||
Validation details: View execution logs | ||
View quality reports | ||
Manage | Validation details: Download exception data | |
Pause | ||
Data quality rule | View | Personal view: Current account |
Project view: Projects you have joined | ||
View data quality rule details | ||
View quality reports | ||
Data quality rule details - Rule configuration: View rule configurations | ||
Data quality rule details - Rule configuration: View | ||
Data quality rule details - Scheduling configuration: View the list of scheduling configurations | ||
Data quality rule details - Alert configuration: View the list of alert configurations | ||
Data quality rule details - Exception archiving: View the list of exception archives | ||
Data quality rule details - Quality report: View a report | ||
Data quality rule details - Quality report: View rule validation details | ||
Data quality rule details - Quality report: View execution logs | ||
Data quality rule details - Permission management: View the list | ||
Manage | Add monitored objects (all resources) | |
Add a data quality rule | ||
Run | ||
Manage quality owners | ||
Edit quality score weights | ||
Delete | ||
Enable or disable validation | ||
Batch operations (Run, Manage quality owners, Enable, Disable, Edit quality score weights, Delete, Permission management) | ||
Data quality rule details: Modify quality score weights | ||
Data quality rule details: Create a new data quality rule | ||
Data quality rule details - Rule configuration: Clone | ||
Data quality rule details - Rule configuration: Edit | ||
Data quality rule details - Rule configuration: Perform a trial run | ||
Data quality rule details - Rule configuration: Run | ||
Data quality rule details - Rule configuration: Configure scheduling | ||
Data quality rule details - Rule configuration: Configure quality score | ||
Data quality rule details - Rule configuration: Delete | ||
Data quality rule details - Rule configuration: Change the effective status | ||
Data quality rule details - Scheduling configuration: Edit/Clone/Delete | ||
Data quality rule details - Alert configuration: Modify configuration | ||
Data quality rule details - Exception archiving: Add an exception archive table | ||
Data quality rule details - Exception archiving: Set as default/Delete | ||
Data quality rule details - Permission management: Edit permissions | ||
Validation records - View validation details: Download exception data | ||
Validation records: Pause | ||
Governance workbench: Manage issues (View details, Initiate rectification, Ignore, Unignore, Whitelist, Notify owner, Re-validate, View operation history) | ||
Rectification process: Perform actions | ||
Governance whitelist: Perform actions | ||
Knowledge base: Manage entries (View, Create, Edit, Delete) | ||
Rule template | View | View rule templates |
Manage | Create a rule template | |
View references | ||
Edit | ||
Add a data quality rule | ||
View template details | ||
Clone | ||
Transfer ownership | ||
Delete | ||
Data source management | View | View the list of data sources |
Manage | Set throttling | |
Issue list | View | Personal view: Current account |
Project view: Projects you have joined | ||
Manage | Actions (View details, Initiate rectification, Ignore, Unignore, Whitelist, Notify owner, Re-validate, View operation history) | |
Rectification process | View | Personal view: Current account |
Manage | Actions (View details, Ignore, Unignore, Notify owner, Re-validate, Associate with knowledge base) | |
Knowledge base | View | View the knowledge base |
Manage | Actions (Create, Associate, Edit, Delete) | |
Governance whitelist | View | Personal view: Current account |
Manage | Actions (Edit, Delete) | |
Asset security | ||
Identification results | View | Identification results: View all identification results |
Identification results: View upload history | ||
Identification results: View identification details | ||
Manage | Identification results: Upload from Excel | |
Identification results: Add manually | ||
Identification results: Lock/unlock data classification, or change the identification mode | ||
Identification rule | View | Identification rule: View all identification rules |
Identification rule: View the classification scan scope | ||
Identification rule: View details | ||
Manage | Identification rule: Create an identification rule | |
Identification rule: Perform a manual rule scan | ||
Identification rule: Configure rule execution | ||
Identification rule: Configure automatic inheritance | ||
Identification rule: Enable or disable auto-identification | ||
Identification rule: Reset, Edit, Copy, Transfer ownership, Delete, and Test | ||
Identification run history | View | Identification run history: View all run records |
Manage | Identification run history: Terminate | |
Identification run history: View task identification details | ||
Data masking rule | View | Data masking rule: View all data masking rules (dynamic, static, and whitelists) |
Data masking rule: View masking algorithms and data masking whitelists | ||
Manage | Data masking rule: View and modify the default data masking policy | |
Data masking rule: Create, Edit, Transfer ownership, Delete, and change the status of dynamic data masking rules | ||
Data masking rule - Dynamic masking whitelist: Create, Edit, Clone, Delete, and change the status | ||
Key management | View | Key management: View all keys |
Key management: View references | ||
Register key | Key management: Register a key | |
Manage | Key management: Manage permissions | |
Key management: Edit, Transfer ownership, and Delete | ||
Data classification | View | Data classification: View all data classifications |
Data classification - Identification pattern: View all identification patterns | ||
Data classification - Identification pattern: View | ||
Data classification: View models | ||
Data classification - View model: View model details | ||
Data classification: View the number of effective fields | ||
Manage | Data classification: Create, Change effective status, Edit, Move to a new catalog, and Delete | |
Data classification: Configure data masking | ||
Data classification: Assign data sensitivity level, Enable, or Disable | ||
Data sensitivity level | View | Data sensitivity level: View all data sensitivity levels |
Manage | Data sensitivity level: Create, Edit, and Delete | |
Identification pattern | View | Identification pattern: View identification patterns |
Identification pattern: View identification pattern details | ||
Manage | Identification pattern: Create an identification pattern | |
Identification pattern: Edit an identification pattern | ||
Identification pattern: Clone an identification pattern | ||
Identification pattern: Delete an identification pattern | ||
Security algorithm | View | Masking algorithm: View all masking algorithms |
Manage | Masking algorithm: Test | |
Project security policy | View | Project security policy: View the global project security policy |
View details | Project security policy: View details | |
Manage | Project security policy: Edit | |
Resource governance | ||
Resource analysis | View | View resource analysis |
Governance analysis | View | Governance analysis: View |
Governance effectiveness | View | Governance effectiveness: View |
My governance | View | My governance: View |
Project governance | View | Project governance: View |
Governance item management | View | Governance item management: View |
Push management | View | Push management: View |
Task management | View | Task management: View |
Recycle bin | View | Recycle bin: View |
Metadata | ||
Metadata collection: Tasks and instances | Manage | View the list of collection tasks |
Create a collection task | ||
Edit a collection task | ||
Delete a collection task | ||
View the metadata inventory | ||
View metadata instances | ||
Set as active or inactive | ||
Run manually or perform an ad-hoc run | ||
Retry updating a collection task | ||
View the list of collection instances | ||
View the metadata change overview | ||
View run logs | ||
View a collection task | ||
Rerun a collection instance | ||
Terminate a collection instance | ||
Metadata management - Metadata inventory | View | View the list of business system metadata |
View business system metadata details | ||
General settings - Data profiling | Profiling and analysis | Configure data profiling |
General settings - Source system | Manage | View the list of business systems |
Create a business system | ||
Edit a business system | ||
Delete a business system | ||
General settings - Sampling configuration | View | View sampling configurations |
Manage | Edit sampling configurations | |
Other features | Metadata management | Register and delete external lineage using the OpenGauss API |
Asset | ||
Asset panorama | View | View asset panorama |
Catalog | View | Search for assets |
View | View asset details | |
Catalog management - Catalog planning | View | View all topics and catalogs |
Manage | Create asset topics and catalogs | |
Edit asset topics and catalogs | ||
Delete asset topics and catalogs | ||
Catalog management - Publishing management | View | View the Publishing Management page |
Manage | Edit an asset | |
Publish an asset | ||
Unpublish an asset | ||
Defer asset publishing | ||
Set maintenance permissions | ||
Standard | View | View standard assets |
Asset consumption | ||
My consumption - Available to me | View | View assets available to me |
| ||
Analyze in a notebook | ||
My consumption - My BI analysis | View | View my BI analyses |
Edit dashboards or self-service data retrieval | ||
View dashboards or self-service data retrieval | ||
Consumption configuration - Consumption channels | Manage | Add, edit, or delete consumption channels |
Asset analysis
Feature area | Global permission | Permission |
Analysis | ||
Notebook | View | View directory |
View notebook | ||
Create directory | ||
Edit directory | ||
Delete directory | ||
Create notebook | ||
Edit notebook | ||
Save notebook | ||
Delete notebook | ||
Share notebook | ||
Unshare notebook | ||
Run notebook | ||
SQL query | View | View directory |
View SQL query | ||
Create directory | ||
Edit directory | ||
Delete directory | ||
Create SQL query | ||
Edit SQL query | ||
Save SQL query | ||
Delete SQL query | ||
Share SQL query | ||
Unshare SQL query | ||
Run SQL query | ||
Manual table | View | View directory |
View manual table | ||
Create manual table | ||
Edit manual table data | ||
Edit manual table structure | ||
Save manual table | ||
Publish manual table | ||
Download manual table | ||
Share manual table | ||
Unshare manual table | ||
Delete manual table | ||
Transfer manual table owner | ||
Service | ||
Market | View | API service - View API service list |
API service - View API documentation | ||
API service - Download API documentation | ||
API service - Apply for API | ||
Dataphin data source service - View Dataphin data source service list | ||
Dataphin data source service - View Dataphin data source documentation | ||
Dataphin data source service - Apply for Dataphin data source | ||
Invocation | View | Authorized API service - View authorized API list |
Authorized API service - Apply for API | ||
Authorized API service - Debug API | ||
Authorized API service - Relinquish API access | ||
Authorized Dataphin data source - View authorized Dataphin data source list | ||
Authorized Dataphin data source - Apply for Dataphin data source | ||
Authorized Dataphin data source - Relinquish Dataphin data source access | ||
Application management - View application list | ||
Application management - Create application | ||
Application management - Edit application | ||
Application management - Delete application | ||
Application management - Apply for application | ||
Application management - Show AppSecret | ||
Application management - Copy AppSecret | ||
Application management - Reset AppSecret | ||
Application management - Transfer application owner | ||
Code sample - View API code sample | ||
Code sample - Edit API code sample | ||
Code sample - Download SDK | ||
Code sample - View Dataphin data source usage sample | ||
Code sample - Edit Dataphin data source usage sample | ||
Code sample - Download JDBC JAR | ||
Development | View | API - View my API list |
API - Create API | ||
API - Create API - Select from service unit drop-down list | ||
API - Create API - Select Dataphin logical table | ||
API - Create API - Select Dataphin logical table - Business module | ||
API - Create API - Select Dataphin logical table - Business module - Logical table | ||
API - Edit API | ||
API - View API details | ||
API - Test API | ||
API - Publish API | ||
API - Delete API | ||
API - Transfer API owner | ||
Service unit - View service unit list | ||
Service unit - Create service unit | ||
Service unit - Create service unit - Service unit name | ||
Service unit - Create service unit - Select data source | ||
Service unit - Edit service unit | ||
Service unit - View service unit details | ||
Service unit - Publish service unit | ||
Service unit - Delete service unit | ||
Service unit - Transfer service unit owner | ||
Metadata management - View authorized metadata list | ||
Metadata management - Create metadata | ||
Metadata management - Edit metadata | ||
Metadata management - Delete metadata | ||
Dataphin data source - View my Dataphin data sources | ||
Dataphin data source - Create Dataphin data source | ||
Dataphin data source - Edit Dataphin data source | ||
Dataphin data source - View Dataphin data source details | ||
Dataphin data source - Delete Dataphin data source | ||
Dataphin data source - Accelerate data source | ||
Dataphin data source - Transfer Dataphin data source owner | ||
O&M | View | O&M monitoring - API call statistics |
O&M monitoring - API rate limiting | ||
O&M monitoring - API alerts | ||
API O&M - API rate limit configuration | ||
API O&M - API alert configuration | ||
Service call log query - View API call logs | ||
Service call log query - View Dataphin data source usage logs | ||
Management | View | Project management - View project list |
Project management - Create project | ||
Project management - Edit project | ||
Project management - Delete project | ||
Project management - Member management | ||
Project management - View group management | ||
Project management - Group management - Create service unit group | ||
Project management - Group management - Edit service unit group | ||
Project management - Group management - Delete service unit group | ||
Project management - Group management - Create application group | ||
Project management - Group management - Edit application group | ||
Project management - Group management - Delete application group | ||
Project management - Group management - Create data source group | ||
Project management - Group management - Edit data source group | ||
Project management - Group management - Delete data source group | ||
System configuration - View configuration | ||
System configuration - Modify configuration | ||
Network configuration - View network configuration | ||
Network configuration - Enable or disable public subdomain (public cloud multi-tenant environment) | ||
Network configuration - Enable or disable internal VPC domain (public cloud multi-tenant environment) | ||
Network configuration - Bind independent domain (public cloud multi-tenant environment) | ||
Network configuration - Add to VPC whitelist (public cloud multi-tenant environment) | ||
Code sample - View API code sample | ||
Code sample - Edit API code sample | ||
Code sample - Download SDK | ||
Code sample - View Dataphin data source usage sample | ||
Code sample - Edit Dataphin data source usage sample | ||
Code sample - Download JDBC JAR | ||
More
Feature area | Global permission | Permission |
Planning | ||
Data architecture | View | Data architecture - View global section list |
Data architecture - View section details | ||
Data architecture - View associated projects | ||
Data architecture - Data section - Business entity - View version information | ||
Create | Data architecture - Create data section | |
Data architecture - Create subject area | ||
Data architecture - Create business entity | ||
Data architecture - Data section - Subject area management - Create subject area | ||
Data architecture - Data section - Subject area management - Create sub-subject area | ||
Data architecture - Data section - Subject area management - Create business entity | ||
Data architecture - Data section - Business entity - Create business entity | ||
Edit | Data architecture - Edit section | |
Data architecture - Data section - Subject area management - Edit subject area | ||
Data architecture - Data section - Business entity - Publish/Unpublish | ||
Data architecture - Data section - Business entity - Create table | ||
Data architecture - Data section - Business entity - Edit | ||
Delete | Data architecture - Delete section | |
Data architecture - Data section - Subject area management - Delete subject area | ||
Data architecture - Data section - Business entity - Unpublish and delete | ||
Common definitions | View | Common definitions - Statistic period - View all statistic periods |
Common definitions - Global variable - View global variables | ||
Common definitions - Public calendar - View public calendars | ||
Common definitions - Global variable - Request permissions | ||
Common definitions - Global variable - View dependencies | ||
Common definitions - Global variable - View version history | ||
Common definitions - Public calendar - View calendar references | ||
Common definitions - Public calendar - View calendar references - Referenced labels - View references | ||
Common definitions - Public calendar - View calendar references - Referenced labels - View label details | ||
Common definitions - Public calendar - View calendar references - Referenced date type - View details | ||
Common definitions - Public calendar - View calendar references - Referenced calendar - View details | ||
Common definitions - Offline scheduling template - View details | ||
Manage | Common definitions - Statistic period - Create statistic period | |
Common definitions - Statistic period - Edit | ||
Common definitions - Statistic period - Delete | ||
Common definitions - Global variable - View dependencies - View object | ||
Common definitions - Global variable - View version history - Compare versions | ||
Common definitions - Global variable - View version history - Roll back version | ||
Common definitions - Global variable - Create variable group | ||
Common definitions - Global variable - Create global variable | ||
Common definitions - Global variable - Edit/Delete variable group | ||
Common definitions - Global variable - Edit/Delete variable | ||
Common definitions - Public calendar - Create public calendar | ||
Common definitions - Public calendar - View calendar references - Referenced labels - Edit label | ||
Common definitions - Public calendar - View calendar references - Referenced labels - Delete label | ||
Common definitions - Public calendar - Create label | ||
Common definitions - Public calendar - Edit/Delete public calendar | ||
Common definitions - Offline scheduling template - Create offline scheduling template | ||
Common definitions - Offline scheduling template - Edit/Delete offline scheduling template | ||
Attribute management | View attributes for quality, API, table, metric, and dashboard | Attribute management - View |
Attribute management - Quality/API/Table/Metric/Dashboard - View details | ||
Manage attributes for quality, API, table, metric, and dashboard | Attribute management - Quality/API/Table/Metric/Dashboard - Create attribute | |
Attribute management - Quality/API/Table/Metric/Dashboard - Edit | ||
Attribute management - Quality/API/Table/Metric/Dashboard - Clone | ||
Attribute management - Quality/API/Table/Metric/Dashboard - Enable/Disable | ||
Attribute management - Quality/API/Table/Metric/Dashboard - Delete | ||
View label attributes | Attribute management - View | |
Attribute management - Label - View details | ||
Manage label attributes | Attribute management - Label - Create attribute | |
Attribute management - Label - Edit | ||
Attribute management - Label - Clone | ||
Attribute management - Label - Delete | ||
Attribute management - Label - Enable/Disable | ||
Label architecture | View | Label architecture - View |
Manage | Label architecture - Asset marketplace management - Add/Edit/Set category/Delete marketplace | |
Label architecture - Entity management - Add/Edit/Delete entity | ||
Label architecture - ID management - Add/Edit/Delete ID | ||
Project management | View | Project management - View joined and all projects |
Project management - View details of all projects (including details in Go to Configuration and Information Settings) | ||
Project management - Member management - View all members in each project | ||
Create | Project management - Create project - General project/Label project | |
Edit | Project management - Member management - Edit members of each project | |
Delete | Project management - Delete project (all projects) | |
Compute source | View | Compute source - View compute source list |
Compute source - Test connection | ||
Add | Compute source - Add compute source | |
Add (RAM role proxy) | Compute source - Add compute source (Lets you reference all MaxCompute projects under the current main account as compute sources) | |
Edit | Compute source - Edit/Transfer ownership/Delete | |
Delete | Compute source - Delete | |
Hadoop clusters Databricks clusters Amazon EMR clusters SelectDB clusters Doris clusters AnalyticDB for PostgreSQL clusters | View | Compute source - Manage clusters - View details of each cluster (View, View version history, Compare versions) |
Manage | Compute source - Manage clusters (Create, edit, clone, and delete clusters) | |
Acceleration source management | View | Acceleration source - View acceleration source list Acceleration source - Test connection |
Add | Acceleration source - Add acceleration source | |
Edit | Acceleration source - Edit | |
Delete | Acceleration source - Delete | |
Admin center | ||
Member management | View | View |
Member management - View list of all members | ||
Global role management - View all global roles | ||
Global role management - View role details | ||
Project role management - View all project roles | ||
Project role management - View role details | ||
Project role management - View project references | ||
User group management - View joined and all user groups | ||
User management - Joined - View user group details and permissions | ||
Member management - Member management | Manage tenant members | Member management - View contact information of all members |
Member management - Add members | ||
Member management - Auto-add members (SSO) | ||
Member management - View owner transfer records | ||
Member management - Account system sync (SSO) | ||
Member management - Edit/Enable or disable/Transfer/Add to user group/Delete | ||
Member management - Project role management | Manage project roles | Project role management - Create, clone, edit, enable/disable, delete, or replace |
Member management - User group | Manage user groups | User group management - Create and clone user groups |
User group management - Manage members, and edit, delete, or enable/disable user groups | ||
Permission management | View | View permission management |
Permission management - Table management | Grant permissions for all tables | Allows roles to grant authorization for all tables to new roles during their creation. Only a super administrator can assign this permission. |
Table permission management | Permission management - Table permissions - Batch grant/revoke | |
Permission management - Access audit | Access audit | Access audit - Asset access audit - View/Export |
Access audit - Asset operation audit - View/Export | ||
Data source management | View | View data sources |
Data source management - Data source - View all data sources/Test connections | ||
Data source management - Custom source type - View all source types | ||
View connection information | Data source management - Data source - View connection information | |
Data source management - Data source | Add | Data source management - Data source - Add data source |
Add (RAM role proxy) | Data source - Add MaxCompute data source (Lets you reference all MaxCompute projects under the current main account as data sources) | |
Edit | Data source management - Data source - Edit data source | |
Data source management - Data source - View connection information | ||
Data source management - Data source - Edit/Transfer ownership | ||
Data source management - Data source - Manage labels/Source systems | ||
Delete | Data source management - Data source - Delete data source | |
Data source management - Data source - Delete production and development data sources | ||
Data source management - Custom source type | Manage | Data source management - Custom source type - Add custom source type |
Data source management - Custom source type - Transfer/Edit | ||
Data source management - Custom source type - Delete custom source type | ||
System settings | View | View system settings |
System settings - Compute settings - View/Validate | ||
System settings - Intelligent engine - View | ||
System settings - Cross-platform migration - View | ||
System settings - Approval template - View | ||
System settings - Global label settings - View | ||
System settings - Analysis platform settings - View | ||
System settings - Development platform settings - View | ||
System settings - Basic settings | Manage | System settings - Basic settings - Manage |
System settings - Compute settings | Manage | System settings - Compute settings - Edit |
System settings - Resource settings | Manage | System settings - Resource settings - Resource group configuration - Create, edit, enable/disable, or delete custom resource groups |
System settings - Resource settings - Resource group configuration - Modify tenant default resource group | ||
System settings - Intelligent engine | Manage | System settings - Intelligent engine - Edit |
System settings - Cross-platform migration | Manage | System settings - Cross-platform migration - Edit |
System settings - Approval template | Manage | System settings - Approval template - Add/Edit/Delete |
System settings - Third-party Python packages | Manage | System settings - Third-party Python packages - Install Python module |
System settings - Label platform settings | Manage | System settings - Label platform settings - Edit |
System settings - Analysis platform settings | Manage | System settings - Analysis platform settings - Edit |
System settings - Development platform settings | Manage | System settings - Development platform settings - Edit |
Governance settings | View | View governance settings |
Governance settings - Naming convention - View | ||
Governance settings - Security settings - View | ||
Governance settings - Data download - View | ||
Governance settings - Data permissions - View | ||
Governance settings - Change policy - View | ||
Governance settings - Change rule - View | ||
Governance settings - Naming convention | Manage | Governance settings - Naming convention - Edit |
Governance settings - Security settings | Manage | Governance settings - Security settings - Edit |
Governance settings - Data download | Manage | Governance settings - Data download - Edit |
Governance settings - Data permissions | Manage | Governance settings - Data permissions - Edit |
Governance settings - Change policy | Manage | Governance settings - Change policy - Edit |
Governance settings - Change rule | Manage | Governance settings - Change rule - Edit |
Governance settings - File naming convention | Manage | Governance settings - File naming convention - Edit |
Cross-tenant publishing | View | View cross-tenant publishing |
Cross-tenant publishing - View publishing settings | ||
Enable cross-tenant publishing mode | Maintenance and Upgrade - Cross-tenant publishing
| |
Profile | ||
Notification center | Manage notification settings | Notification settings - View & Edit |
Alert center | View | Alert center - View |
Alert center - Alert events - View all alert events | ||
Alert center - Push history - View all push history | ||
Alert center - Alert events - Handle | ||
Alert center - Push history - View alert content | ||
Alert center - Message template - View | ||
Alert center - On-call schedule - View on-call schedule | ||
Alert center - On-call schedule - View on-call schedule details | ||
Manage | Alert center - Alert events - Do Not Disturb | |
Alert center - Message template - Edit | ||
Alert center - Create/Edit/Delete on-call schedule | ||
Project role permissions
Feature area | Permission | Description |
Project Management | ||
Member management | Edit | Add, remove, or modify roles for project members. |
Configure project information | View | View project information settings. |
Edit | Edit project information settings. | |
Invoke JDBC Driver | Invoke JDBC Driver | Execute SQL statements within a project by using the JDBC Driver. |
Project quality management | Quality rule management | Create and manage monitoring rules, verification records, and issue lists for selected objects in a project. |
Planning | ||
Business entity | Edit | Create, edit, delete, and decommission business entities. |
Data Integration | ||
Data integration | Access directory | View, search, and filter the real-time integration directory. |
View, search, and filter the pipeline task directory. | ||
View details | View the canvas, operators, properties, and history of real-time integration tasks. | |
View the canvas, operators, properties, and history of pipeline tasks. | ||
Edit | Create folders in the real-time integration directory. | |
Edit, rename, or delete folders in the real-time integration directory. | ||
Create real-time full database synchronization tasks. | ||
Move real-time full database synchronization tasks. | ||
Decommission real-time full database synchronization tasks. | ||
Edit the data source, synchronization settings, target table configuration, and DDL processing policy for a real-time full database synchronization task. | ||
Modify the owner of a real-time full database synchronization task in its properties. | ||
Configure resources for real-time full database synchronization tasks. | ||
Lock real-time full database synchronization tasks. | ||
Save real-time full database synchronization tasks. | ||
Decommission and delete real-time full database synchronization tasks. | ||
Create folders in the pipeline task directory. | ||
Edit, rename, or delete folders in the pipeline task directory. | ||
Upload files to the pipeline task directory. | ||
Delete tasks from the pipeline task directory. | ||
Create pipeline tasks. | ||
Add, edit, and delete components in a pipeline task. | ||
Clone pipeline tasks. | ||
Save pipeline tasks. | ||
Delete pipeline tasks. | ||
Decommission and delete pipeline tasks. | ||
Configure properties for a pipeline task, such as scheduling configuration, channel configuration, and quality monitoring. | ||
Lock pipeline tasks. | ||
Refresh pipeline tasks. | ||
Move pipeline tasks. | ||
Execute | Submit real-time full database synchronization tasks. | |
Run pipeline tasks. | ||
Preview pipeline tasks. | ||
Submit pipeline tasks. | ||
Data Development | ||
Standard modeling | Access directory | View the directory for dimension logic tables, fact logic tables, atomic metrics, business qualifiers, derived metrics, and summary logic tables. |
Filter and search the directory for dimension logic tables, fact logic tables, atomic metrics, business qualifiers, derived metrics, and summary logic tables. | ||
View details | View the model view, list view, table properties, history, version details, and version comparison for dimension logic tables. | |
View the model view, list view, table properties, history, version details, and version comparison for fact logic tables. | ||
View the model view, list view, table properties, history, version details, and version comparison for atomic metrics. | ||
View the model view, list view, table properties, history, version details, and version comparison for business qualifiers. | ||
View the model view, list view, table properties, history, version details, and version comparison for derived metrics. | ||
View the model view, list view, table properties, history, version details, and version comparison for summary logic tables. | ||
Edit | Create dimension logic tables, fact logic tables, atomic metrics, business qualifiers, derived metrics, and summary logic tables. | |
Edit dimension logic tables, fact logic tables, atomic metrics, business qualifiers, derived metrics, and summary logic tables. You can use the canvas, configure materialization, edit properties, lock objects, and roll back versions. | ||
Save dimension logic tables, fact logic tables, atomic metrics, business qualifiers, derived metrics, and summary logic tables. | ||
Delete dimension logic tables, fact logic tables, atomic metrics, business qualifiers, derived metrics, and summary logic tables. | ||
Manage, create, register, or associate new metrics for summary logic tables. | ||
Clone atomic metrics or business qualifiers. | ||
Create a logical table in the Data Architecture module. | ||
Execute | For dimension logic tables, fact logic tables, atomic metrics, business qualifiers, derived metrics, and summary logic tables: Run smoke tests, submit, decommission, or decommission and delete. | |
Data processing | Access directory | View, filter, and search the code task directory. |
View, filter, and search the resource and function directories. | ||
View, filter, and search code templates. | ||
View, filter, and search tables in table management. | ||
View, filter, and search sync tasks. | ||
View details | For a code task: view content, view properties (read-only), view history (rollback not supported), refresh, and view logs. | |
For a resource or function: view content, properties, history, logs, and download. | ||
For a code template: view the template, version, and reference information. | ||
For a table in table management: view content, properties, and history (rollback not supported). | ||
For a sync task: view content, properties (read-only), and history (rollback not supported). | ||
Edit | Create folders or tasks in the code task directory. | |
Edit folders or tasks in the code task directory. | ||
Delete folders or tasks in the code task directory. | ||
Create code tasks. | ||
Edit, clone, rename, modify code, save, format, lock, edit properties, and roll back versions for code tasks. | ||
Delete code tasks. | ||
Move code tasks. | ||
Create folders or objects in the resource and function directories. | ||
Edit folders or objects in the resource and function directories. | ||
Delete folders or objects in the resource and function directories. | ||
Create resources or functions. | ||
Edit resources or functions. | ||
Roll back versions of resources or functions. | ||
Delete resources or functions. | ||
Move resources or functions. | ||
Create code templates. | ||
Edit, clone, rename, modify code, save, and lock code templates. | ||
Delete code templates. | ||
Create tables in table management. | ||
Edit, rename, move, save, lock, and roll back versions of tables in table management. | ||
Delete tables in table management. | ||
For mirrored tables: perform special edits such as batch association and auto association. | ||
Create sync tasks. | ||
Edit, rename, move, modify, save, and lock sync tasks. | ||
Delete sync tasks. | ||
Execute | Execute, submit, precompile, decommission, or decommission and delete a code task. | |
Submit a resource or function. | ||
Debug, submit, or decommission and delete a code template. | ||
Submit, decommission, or decommission and delete a table in table management. | ||
Submit, decommission, or decommission and delete a sync task. | ||
Ad-hoc query | Access directory | View the ad-hoc query directory. |
View details | For an ad-hoc query: view content, assistant, history, and logs. | |
Edit | Create folders or queries in the ad-hoc query directory. | |
Rename or move folders and queries in the ad-hoc query directory. | ||
Delete folders or queries from the ad-hoc query directory. | ||
Create ad-hoc queries. | ||
Edit, rename, modify code, save, format, and lock ad-hoc queries. | ||
Delete ad-hoc queries. | ||
Refresh ad-hoc queries. | ||
Move ad-hoc queries. | ||
Execute Note Enforcement differs between the UI and OpenAPI. While this permission is required in the UI, OpenAPI calls may succeed if you hold any other execution-related permission. | Execute code in an ad-hoc query. | |
Precompile code in an ad-hoc query. | ||
Global search | Global search | Search for resources. |
Search within code. | ||
Recycle bin | Delete | Permanently delete items from the recycle bin. |
Restore | Restore items from the recycle bin. | |
Project Asset Permissions | ||
Physical table | Create | Create physical tables. |
Query table data | Query data from physical tables and physical views in the project. | |
Modify table data | Modify data in physical tables of the project. | |
Modify table structure | Modify the structure of physical tables in the project. | |
Delete table | Delete physical tables in the project. | |
Logical table | Query table data | Query data from logical tables (metrics in the project's summary logic tables) and logical views within the project. |
Real-time metatable | Query table data | Query data from real-time metatables. |
Modify table data | Modify data in real-time metatables. | |
Mirrored table | Query table data | Query data from mirrored tables. |
Dataset | Use | Use all datasets in the project. |
Deployment and O&M | ||
Deployment module | View details | View the pending deployment list and version history. |
View the deployment list, deployment details, and failure logs. | ||
Deploy (Production Only) | Deploy objects from the pending deployment list. | |
Redeploy objects from the deployment list. | ||
Remove | Remove objects from the pending deployment list. | |
O&M | Access directory | View the exception statistics and dashboard. |
View the task list for scheduled, manual, and real-time tasks. | ||
Search and filter the list of scheduled, manual, and real-time tasks. | ||
View the instance list for scheduled, manual, real-time, and backfill instances. | ||
Search and filter the list of scheduled, manual, real-time, and backfill instances. | ||
View basic information | View the DAG, node details, and operation logs for scheduled, manual, and real-time tasks. | |
View instances (task instances and backfill instances) for scheduled, manual, and real-time tasks. | ||
For scheduled, manual, and real-time tasks: edit development nodes and view production nodes. | ||
For scheduled tasks (logical tables only): perform field and batch operations, and view production and consumption lineage. | ||
Expand parent and child nodes for scheduled, manual, and real-time tasks. | ||
View the DAG, node details, and operation logs for scheduled, manual, real-time, and backfill instances. | ||
For scheduled, manual, real-time, and backfill instances: edit development nodes and view production nodes. | ||
Expand parent and child nodes for scheduled, manual, real-time, and backfill instances. | ||
View tasks associated with scheduled, manual, real-time, and backfill instances. | ||
For scheduled instances (logical tables only): perform field and batch operations, and view production and consumption lineage. | ||
View details (including code) | View node code for scheduled, manual, and real-time tasks. | |
View materialization code for scheduled tasks (logical tables only). | ||
View node code, run logs, and run diagnostics for scheduled, manual, real-time, and backfill instances. | ||
View materialization code for scheduled instances (logical tables only). | ||
O&M operations | Backfill data for scheduled, manual, and real-time tasks. | |
Modify the owner of scheduled, manual, and real-time tasks. | ||
Pause and resume scheduled, manual, and real-time tasks. | ||
Configure monitoring and alerting for scheduled, manual, and real-time tasks. | ||
For scheduled, manual, real-time, and backfill instances: rerun, rerun downstream, mark as successful and continue scheduling, terminate, or force a rerun. | ||
For scheduled, manual, real-time, and backfill instances: remove upstream dependencies, pause, and resume instances. | ||
Resource configuration | Modify the task priority for scheduled, manual, and real-time tasks. | |
Modify the resource queue for scheduled, manual, and real-time tasks. | ||
Modify the configuration for real-time tasks. | ||
Task monitoring configuration | Access directory | View the directory list for offline and real-time monitoring. |
Filter the list for offline and real-time monitoring. | ||
Create | Create offline or real-time monitoring configurations. | |
Edit | Edit, enable, or disable monitoring configurations. | |
Modify the notification recipient list. | ||
Delete monitoring configurations. | ||