Collaboration roles for governance
Review the collaboration roles for managing access to governance tools such as inventories, AI use cases, and evaluations.
User roles and permissions for governance
The permissions that you allow you to work with governance artifacts depend on your watsonx roles:
- IAM Platform access roles determine your permissions for the IBM Cloud account. At least the Viewer role is required to work with services.
- IAM Service access roles determine your permissions within services.
- Workspace collaborator roles determine what actions you have permission to perform within workspaces in IBM watsonx.
For details, see Levels of user access roles in IBM watsonx.
Roles for governance
If you have the IAM Platform Admin role, you can:
- Provision watsonx.governance
- Create inventory
- Create the default inventory for shared access to governance artifacts. For details, see Setting up the default inventory.
- Enable external model tracking
- Create attachment fact definitions
- Customize report templates
If you have these workspace roles for an inventory, you can:
| Enabled permission | Viewer | Editor | Admin/Owner |
|---|---|---|---|
| Create and edit AI use cases | ✓ | ✓ | |
| View AI use cases | ✓ | ✓ | ✓ |
| Add collaborators to an inventory | ✓ | ||
| Delete inventory | ✓ | ||
| Evaluate model deployment | ✓ | ✓ | |
| Add collaborators to a use case | ✓ | ✓ | |
| Generate reports | ✓ | ✓ | ✓ |
| Add attachments to a use case | ✓ | ✓ | |
| Update asset type definitions (For example: model_entry_user, modelfacts_user) |
✓ |
If you have these workspace roles for an AI use case, you can:
| Enabled permission | Editor/Collaborator | Admin/Owner |
|---|---|---|
| Delete AI use cases | ✓ | |
| Add collaborators to the use case | ✓ | |
| Edit AI use case | ✓ | ✓ |
| Edit use case | ✓ | ✓ |
| Add values to custom facts | ✓ | ✓ |
| Upload attachments to use case | ✓ | ✓ |
Your role for an inventory takes precedence over your role for assets within the inventory, such as use cases. For example, if you are an Admin for an inventory, you can edit use cases within the inventory, regardless of your role on the use cases.
If you have these workspace roles for a project or space, you can:
| Enabled permission | Viewer | Editor/Collaborator | Admin/Owner |
|---|---|---|---|
| Upload attachments to use case | ✓ | ✓ | |
| Add values to custom facts | ✓ | ✓ | |
| View AI factsheet | ✓ | ✓ | ✓ |
| Generate report | ✓ | ✓ | ✓ |
Primary owners of assets
The most recently assigned owner of an asset is the primary owner of that asset. You cannot edit the access level of the primary owner. Also, you cannot remove the primary owner from the asset.
If you want to change the primary owner of an asset, you must first assign a new owner. The new owner then becomes the primary owner of the asset.
For example, if you want to change the owner of a use case from User A to User B, do these steps:
- Assign the Owner access level to User B. User B is now the primary owner of the use case.
- Change the access level of User A.