Controlling access to an asset in a catalog

Control access to a catalog asset with a combination of the privacy level and the asset membership.

When you create an asset, you are the owner of it. Asset owners are not affected when data protection rules are enforced on the catalog.

You can set the privacy level when you create or edit an asset.

To change the access to an asset, from the catalog Browse page, click the asset name and then navigate to the Access tab.

Privacy settings and user abilities

Your ability to use or control an asset depends on the following aspects:

  • Your role in the catalog.
  • Whether you are an asset member.
  • The catalog data protection rules.
  • The asset privacy setting.

All privacy settings

The following rules apply to all privacy settings:

  • Any catalog collaborator who has the Admin role can perform any action on the asset.
  • Asset owners with the catalog Editor role can edit asset properties, delete assets, change asset members and their roles, and change privacy settings. Only asset owners can assign the Owner role to asset members. Asset owners are not subject to enforcement of data protection rules.
  • Asset editors with the catalog Editor role can edit asset properties, delete assets, change asset members and their roles to Editor or Viewer, and change privacy settings.
  • Asset viewers can view and use the asset. The asset viewer role is used primarily to give users view-only access to private assets. In public setting, all catalog collaborators can view assets in the catalog. They don’t need to be added as asset viewers as well to view public assets.

The public setting

The following rule applies to the public setting:

  • All catalog collaborators roles (Admin, Editor or Viewer) can find assets and see their properties.

The private setting

The following rule applies to the private setting:

  • Only asset asset members (asset owners, asset editors or asset viewers) can find assets and see their properties.

If you mark a connection asset as private, only members of the connection asset can add the data assets that require the connection.

Changing privacy settings

You must have the Admin role in the catalog or be an asset owner or asset member to change the privacy setting.

To change the privacy setting of an asset:

  1. Click the Edit icon edit icon next to Privacy.
  2. Select the level and click Apply.

You can also change the privacy setting of an asset by using the Data and AI Common Core API. For more information, see Update privacy settings of an asset with the Data and AI Common Core API.

Adding asset members

To add an asset member, you must have the Admin or Editor role in the catalog or be an asset owner or asset editor.

To add members to an asset:

  1. Click Add Members.

  2. Search for the catalog collaborators that you want to add. Asset members must be added as catalog collaborators.

    You can add both user groups and individual users as asset members. You can't add individual group members as asset members. You can add individual group members as catalog collaborators and then as asset members.

  3. Click Add.

You can also add asset members by using the Data and AI Common Core API. For more information, see Add/Update asset collaborators with the Data and AI Common Core API.

Removing asset members

You must have the Admin or Editor role in the catalog or be an asset owner or editor to remove an asset member.

To remove a member from an asset, click the trash can icon next to the member name and then click Delete.

Changing asset user roles

You can change asset user roles to either asset owner, asset editor, or asset viewer. Assets might have more than one owner.

For public assets, the following conditions apply:

  • The Admin catalog collaborator or the Editor catalog collaborator with the asset owner role can change asset user roles to asset owner, editor, or viewer.
  • The Editor catalog collaborator with the asset editor role can change asset user roles to asset editor or viewer.

For private assets, the following conditions apply:

  • The Admin catalog collaborator with the asset owner, editor, or viewer role can change asset user roles.
  • The Editor catalog collaborator with the asset owner role can change asset user roles.
  • The Editor catalog collaborator with the asset editor role can change asset user roles to asset editor or viewer.

To change the asset user roles:

  1. Go the asset Access control page.
  2. Select a role from the Role dropdown menu. The asset user role is updated.

When you change the owner, the original owner is no longer a member of the asset. The new owner of the asset is no longer affected by the enforcement of data protection rules on the asset.

You can also change asset owners by using the Data and AI Common Core API. For more information, see Update the owner of an asset with the Watson Data API.

Learn more

Parent topic: Catalog assets