Role-based access control
Role-based access control (RBAC) is a mechanism that restricts system access. It involves setting permissions and privileges to enable access to authorized users only. Access rights and actions are assigned according to a user's role within CDP Data Visualization.
RBAC enables administrators to exercise fine-grain control over data and feature access based on roles. Everyone who holds a certain role has the same set of rights. Those who hold different roles have different rights. For more information, see Role privileges.
RBAC consists of the following components:
- Permissions
- Permissions define access to visuals, datasets, data connections, and system-level functions. There are four categories of permissions: system, role, connection, and dataset. For more information, see the List of permissions.
- Privileges
- Privileges are sets of permissions of a particular type and the associated components on which the permissions are granted. For example, a privilege may consist of the permission View visuals and dashboards on component specifier Connection default / All datasets.
- Members
- Members are a list of users and groups that are assigned to a particular role.
- Roles
- Roles are collections of privileges and associated members who have these privileges.