User Roles and Privileges Reference
Cloudera Navigator lets authenticated users—those who have successfully logged in to Cloudera Navigator console—access features and functionality according to specifically assigned user roles. The Cloudera Navigator user role scheme requires the use of an external LDAP-compliant identity-directory service, such as OpenLDAP or Microsoft Server Active Directory. See Cloudera Navigator Authentication Overview for details.
After users have been assigned to various groups in the external LDAP-compliant identity-directory service, Cloudera Navigator administrators can grant user roles to various groups as needed. See Administering User Roles for details.
Information about user roles and the specific privileges to Cloudera Navigator is contained in the high-level summary and detailed matrix below.
Cloudera Navigator User Roles
- Auditing Viewer—View audit events, view audit analytics, and create audit reports.
- Custom Metadata Administrator—Search for entities, view metadata, view lineage, view metadata analytics, edit custom metadata, edit managed metadata.
- Managed & Custom Metadata Editor—Search for entities, view metadata, view lineage, edit custom metadata, edit managed metadata, and define managed metadata models.
- Metadata & Lineage Viewer—Search for entities, view metadata, view lineage, and view metadata analytics such as the Data Stewardship Dashboard and the Data Explorer.
- Policy Editor—View, create, update, and delete metadata policies.
- Policy Viewer—View policies that can be applied to metadata.
- User Administrator—Assign user roles to groups. Requires the group (and the user accounts it contains) to exist in an LDAP-compliant directory service. See Configuring Navigator User Roles and Authentication and Cloudera Navigator for details.
- Full Administrator—Complete administrative and management access, including assigning user roles to groups.
- Navigator Administrator—View data in Cloudera Manager, view service and monitoring information, administer Cloudera Navigator, view audit events.
Cloudera Navigator User Role Details
The Cloudera Manager user roles Full Administrator and Navigator Administrator have all privileges listed in the table below.
|Cloudera Navigator User Role|
|Auditing Viewer||Custom Metadata Admin- istrator||Managed & Custom Metadata Editor||Metadata & Lineage Viewer||Policy Editor||Policy Viewer||User Admin- istrator|
|Administer role group mapping|
|Configure and perform command actions|
|Define metadata models|
|Edit custom metadata|
|Edit managed metadata|
|Search for entities|
|Start maintenance job|
|View audit analytics|
|View audit events|
|View maintenance history|
|View metadata analytics|
|View metadata policies|