Decube
Try for free
  • 🚀Overview
    • Welcome to decube
    • Getting started
      • How to connect data sources
    • Security and Compliance
    • Data Policy
    • Changelog
    • Public Roadmap
  • Support
  • 🔌Data Warehouses
    • Snowflake
    • Redshift
    • Google Bigquery
    • Databricks
    • Azure Synapse
  • 🔌Relational Databases
    • PostgreSQL
    • MySQL
    • SingleStore
    • Microsoft SQL Server
    • Oracle
  • 🔌Transformation Tools
    • dbt (Cloud Version)
    • dbt Core
    • Fivetran
    • Airflow
    • AWS Glue
    • Azure Data Factory
    • Apache Spark
      • Apache Spark in Azure Synapse
    • OpenLineage (BETA)
    • Additional configurations
  • 🔌Business Intelligence
    • Tableau
    • Looker
    • PowerBI
  • 🔌Data Lake
    • AWS S3
    • Azure Data Lake Storage (ADLS)
      • Azure Function for Metadata
    • Google Cloud Storage (GCS)
  • 🔌Ticketing and Collaboration
    • ServiceNow
    • Jira
  • 🔒Security and Connectivity
    • Enabling VPC Access
    • IP Whitelisting
    • SSH Tunneling
    • AWS Identities
  • ✅Data Quality
    • Incidents Overview
    • Incident model feedback
    • Enable asset monitoring
    • Available Monitor Types
    • Available Monitor Modes
    • Catalog: Add/Modify Monitor
    • Set Up Freshness & Volume Monitors
    • Set Up Field Health Monitors
    • Set Up Custom SQL Monitors
    • Grouped-by Monitors
    • Modify Schema Drift Monitors
    • Modify Job Failure Monitors (Data Job)
    • Custom Scheduling For Monitors
    • Config Settings
  • 📖Catalog
    • Overview of Asset Types
    • Assets Catalog
    • Asset Overview
    • Automated Lineage
      • Lineage Relationship
      • Supported Data Sources and Lineage Types
    • Add lineage relationships manually
    • Add tags and classifications to fields
    • Field Statistcs
    • Preview sample data
  • 📚Glossary
    • Glossary, Category and Terms
    • Adding a new glossary
    • Adding Terms and Linked Assets
  • Moving Terms to Glossary/Category
  • AI Copilot
    • Copilot's Autocomplete
  • 🤝Collaboration
    • Ask Questions
    • Rate an asset
  • 🌐Data Mesh [BETA]
    • Overview on Data Mesh [BETA]
    • Creating and Managing Domains/Sub-domains
    • Adding members to Domain/Sub-domain
    • Linking Entities to Domains/Sub-domains
    • Adding Data Products to Domains/Subdomains
    • Creating a draft Data Asset
    • Adding a Data Contract - Default Settings
    • Adding a Data Contract - Freshness Test
    • Adding a Data Contract - Column Tests
    • Publishing the Data Asset
  • 🏛️Governance
    • Governance module
    • Classification Policies
    • Auto-classify data assets
  • ☑️Approval Workflow
    • What are Change Requests?
    • Initiate a change request
    • What are Access Requests?
    • Initiate an Access Request
  • 📋Reports
    • Overview of Reports
    • Supported sources for Reports
    • Asset Report: Data Quality Scorecard
  • 📊Dashboard
    • Dashboard Overview
    • Incidents
    • Quality
  • ⏰Alert Notifications
    • Get alerts on email
    • Connect your Slack channels
    • Connect to Microsoft Teams
    • Webhooks integration
  • 🏛️Manage Access
    • User Management - Overview
    • Invite users
    • Deactivate or re-activate users
    • Revoke a user invite
  • 🔐Group-based Access Controls
    • Groups Management - Overview
    • Create Groups & Assign Policies
    • Source-based Policies
    • Administrative-based Policies
    • Module-based Policies
    • What is the "Owners" group?
  • 🗄️Org Settings
    • Multi-factor authentication
    • Single Sign-On (SSO) with Microsoft
    • Single Sign-On (SSO) with JumpCloud
  • ❓Support
    • Supported Features by Integration
    • Frequently Asked Questions
    • Supported Browsers and System Requirements
  • Public API (BETA)
    • Overview
      • Data API
        • Glossary
        • Lineage
        • ACL
          • Group
      • Control API
        • Users
    • API Keys
Powered by GitBook
On this page
  • Asset Selection for Access Controls
  • Select assets to grant permissions
  • Select Permissions for Granting Assets
  • Permissions for Source-based policies
  • Catalog and Governance
  • Asset Details
  • Run the profiler for Profile & Field Statistics
  • Preview
  • Change requests
  • Data Quality
  • Incidents
  • Config
  • Data Recon
  • Data Recon Configuration
  • Export Data Recon Details
  • Reports
  1. Group-based Access Controls

Source-based Policies

Here's an explanation for each Source-base policy.

PreviousCreate Groups & Assign PoliciesNextAdministrative-based Policies

Last updated 1 month ago

A Source-based Policy includes all resource-based type permissions, which user will need to assign to a selected data source that has been connected to decube. Before you can select permissions, you will need to first select a data source that has been already added to decube.

Asset Selection for Access Controls

Administrators can opt to either grant permissions to resources by the entire source, entire schemas or to assets directly. This also allows administrators to grant different types of permissions to users in each Catalog asset.

Select assets to grant permissions

In the source-based policies form, select the data source which you want to add permissions for. From here, you can choose to:

  • Grant access to everything: This grants access to the same permissions to all assets within the data source, including future assets that are added to the source.

  • Grant access to specific schemas: This grants access to all tables within a schema, including future tables that are added to the selected schema.

  • Grant access to specific assets: This grants access to specific assets only in a source that the administrator has to select.

To grant specific assets inside the source, users can use the search bar to search for the assets and add them into the list. For Data warehouse or RDBMS connections, users can further narrow down the selection by filtering the asset search by schemas.

Once asset selection has been completed, the user can then continue proceed to the permissions screen.

Select Permissions for Granting Assets

Permissions for Source-based policies

Catalog and Governance

Asset Details

  • Read-only: User able to see Assets in the Catalog but unable to make changes.

  • Edit: User able to create and submit change requests for asset such as description, tags and classifications.

Run the profiler for Profile & Field Statistics

  • Allow run profiler: User able to run profiler to generate Table Overview and Field Statistics results.

Preview

Change requests

  • Approve or reject change requests: User can review change requests and be selected as an approver for change requests.

Data Quality

Incidents

  • Read-only: User is able to see incidents, but unable to edit selection in Incident Details such as status.

  • Edit: User is able to update selection in Incident Details such as close or mute incidents.

Config

  • Read-only: User able to view the list of monitoring settings in the Config, but unable to create new or modify existing monitors

  • Add, modify and delete monitors: User able to create and edit monitoring settings for all types of monitors.

Data Recon

By Default, access to Data Recon is disabled for a user unless they possess a policy of Enable Data Recon. Enabling Data Recon for a source enables users to see the list of completed recons that has been completed with that data source.

Data Recon Configuration

  • Create: User can add a new recon configuration.

  • Edit: User can edit schedule for recon configuration.

  • Delete: User can delete any existing recon.

Export Data Recon Details

  • Allow export: Allow user to export unmatched rows from Recon details.

Reports

  • Allow export reports: allowing users to access the reports module and generate reports.

Administrators can then select from a list of permissions that will apply to the selected assets in the form. The list of permissions that can be granted to the user with the permitted actions are listed in the section .

Run preview: User able to run preview to .

🔐
obtain sample data
Permissions for Source-based policies
Option to grant everything or to specific assets.
Selecting assets in the source to grant permissions for.
Example of the Permissions screen.