Role-based access control
Databand provides two mechanisms to control user actions on the platform: groups and roles.
Defining RBAC groups in the UI
The instructions to define groups can be found on the Settings page, Adding groups to Databand.
In large organizations, the volume of data processes can quickly become overwhelming. Tracking your team's alerts, data pipelines, and runs can be a real challenge. With Databand groups you can organize and manage the sources, projects, and pipelines that are relevant to your team.
After you create groups in Databand, you can easily filter your group and access only the assets that are associated with that specific group across the entire Databand environment. As a result, you can focus solely on your team's important data processes without getting distracted by irrelevant information.
To display the assets by using your group as a filter, click your name in the navigation panel and select the group that you want to use as your filter.
The default group for all users is All assets. Users from this group can display all the assets in the organization’s Databand environment.
RBAC roles
Users can be assigned one of three roles in Databand: Member, Admin, or Owner. These roles are used to restrict permissions for critical assets. The following table includes the list of actions that are permitted for specific roles.
| Permissions | Member | Admin | Owner |
|---|---|---|---|
| Integrations | |||
| View integrations |  |
|
|
| Create, edit, and delete integrations |  |
|
|
| Pipelines | |||
| View pipelines | |
|
|
| Add documentation to pipelines | |
|
|
| Archive and unarchive pipelines | |
|
|
| Runs | |||
| View runs | |
|
|
| Rename runs | |
|
|
| Archive and unarchive runs | |
|
|
| Datasets | |||
| View datasets | |
|
|
| Rename datasets | |
|
|
| Archive and unarchive datasets | |
|
|
| Custom queries | |||
| View data quality metrics | |
|
|
| Create custom SQL validation rules | |
|
|
| Edit custom SQL validation rules | |
|
|
| Alerts | |||
| View alerts | |
|
|
| Mark alerts as acknowledge and resolved | |
|
|
| Alert definitions | |||
| View alert definitions | |
|
|
| Assign receivers and collaborators to alert definitions | |
|
|
| Create, edit, and delete alert definitions | |
|
|
| Alert receivers | |||
| View alert receivers | |
|
|
| Create, edit, and delete alert receivers | |
|
|
| Users | |||
| View all users | |
|
|
| Invite and deactivate users | |
|
|
| Update first and last names of users | |
|
|
| Generate new passwords for users | |
|
|
| Promote users to Admin | |
|
|
| Promote users to Owner | |
|
|
| Delete pending users | |
|
|
| RBAC groups | |||
| Manage groups by using API | |
|
|
| View groups | |
|
|
| Manage users in your own groups | |
|
|
| Manage users in all groups | |
|
|
| Manage assets in your own groups | |
|
|
| Manage assets in all groups | |
|
|
| Create and delete groups | |
|
|
| Environment settings | |||
| Create personal access tokens | |
|
|
| Manage advanced settings and app integrations | |
|
|