Privileges
Applies to: Kyvos Enterprise Kyvos Cloud (SaaS on AWS) Kyvos AWS Marketplace
Kyvos Azure Marketplace  Kyvos GCP Marketplace Kyvos Single Node Installation (Kyvos SNI)
Privileges enable the Administrator to grant granular and specific privileges for different activities to different users.
Additionally, the administrator can assign privileges for admin activities like:
User management (users, groups, roles, import LDAP users)Â
Connection Â
License managementÂ
Resource allocationÂ
Cluster SchedulingÂ
Cluster Usage monitoringÂ
Monitor different processes, process jobs, and queriesÂ
Notifications SubscriptionÂ
When you are viewing or editing a role, click the Expand All icon at the top of the Roles window to view all of the privileges. Or, you can expand a single section.
Hover the cursor over an option within a category to view details about that option. For example, under the semantic models section, you can hover the cursor over Manage Jobs to learn what that privilege allows a user to do. Most are self-explanatory, but a few need further explanation.
Execute means you can use that type of object (dataset, semantic model, etc.) as the input object for a step but not view it directly or modify it. For example, you can use the a semantic model to create a workbook, but you can't view the semantic model or modify it.
Notification privileges let you specify by a group who can provide inputs for global events and who can subscribe other users to specific types of notifications. If a user is a member of a group with specific notification privileges set, they will receive those notifications without having to subscribe themselves or having someone subscribe to each individual. They have the option to unsubscribe themselves.
SQL Impersonation is required for impersonation from Tableau via the SQL interface. If you are not using the data with Tableau, this privilege isn't needed.
When you click some privileges, others are automatically granted. For example, when you click Modify under semantic models, View is automatically also granted.Â
The following table enlists the details of all the privileges available in the system.
Privilege group | Privilege | Description |
User Management | View | Allows the user to view user configuration information. |
Modify | Allows the user to modify user configuration information. | |
Connection Management | View | Allows the user to view connection properties and configurations |
Modify | Allows the user to modify connection properties and configurations | |
License Management | View | Allows the user to view the license. |
Upload | Allows the user to upload a license. | |
Resource Allocation | View | Allows the user to allocate resources. |
Modify | Allows the user to modify resource allocations. | |
Import and Export Objects | Import objects | Allows the user to import the system entities. |
Export objects | Allows the user to export the system entities. | |
Monitor | View overview | Allows the user to view the overall health of the system |
View jobs and queries | Allows the user to view the running jobs and queries. | |
Cancel jobs and queries | Allows the user to cancel running jobs and queries. | |
View the active users' list | Allows the user to check currently logged-in users. | |
View Kyvos engine state | Allows the user to view the current state of the Kyvos engine. | |
View audit logs | Allows the user to monitor user and system activities. | |
Files | View | Allows the user to view the files. |
Modify | Allows the user to modify the files. | |
Add folder | Allows the user to add a folder for files. | |
Manage jobs | Allows the user to schedule data profiling jobs for the files. | |
Share | Allows the user to grant access permissions on files. | |
Execute | Allows the user to use the files in transformations or relationships. | |
Transformations | View | Allows the user to view the transformations. |
Modify | Allows the user to modify the transformations. | |
Add folder | Allows the user to add a folder for transformations. | |
Manage jobs | Allows the user to schedule different jobs for the transformations. | |
Share | Allows the user to grant access permissions on transformations. | |
Execute | Allows the user to use the datasets in relationships. | |
Relationships | View | Allows the user to view relationships. |
Modify | Allows the user to modify relationships. | |
Add folder | Allows the user to add a folder for relationships. | |
Share | Allows the user to grant access permissions on relationships. | |
Execute | Allows the user to use relationships in semantic models. | |
Semantic models | View | Allows the user to view semantic models. |
Modify | Allows the user to modify semantic models. | |
Add folder | Allows the user to add folder semantic models. | |
Manage jobs | Allows the user to schedule jobs for semantic models. | |
Data security | Allows the user to set data security rules for users and groups. | |
Cache rules | Allows the user to set rules for controlling cache repopulation. | |
Export semantic model metadata | Allows the users to export semantic model metadata. | |
Drill through | Allows the user to view the drill-through reports. | |
Share | Allows the user to grant access permissions on semantic models. | |
Execute | Allows the user to use the semantic models in worksheets. | |
Advanced System Properties** | Allows non-admin users to use application-level advanced properties that require admin access. | |
Workbooks | View | Allows the user to view workbooks. |
Modify | Allows the user to modify workbooks. | |
Add folder | Allows the user to add a folder for workbooks. | |
Share | Allows the user to grant access permissions on workbooks. | |
Export | Allows the user to export workbooks/worksheets. | |
Notifications | Admin | Allows the user to manage notifications. |
System events | Allows the user to get the notification for system events. | |
Entity modify | Allows the user to get a notification when an entity is modified. | |
Semantic model process start | Allows the user to get a notification when a semantic model process starts. | |
Semantic model process failure | Allows the user to get a notification when a semantic model process fails. | |
Semantic model processsuccess | Allows the user to get a notification when a semantic model process succeeds. | |
Transformation process start | Allows the user to get a notification when a transformation process starts. | |
Transformation process failure | Allows the user to get a notification when a transformation process fails. | |
Transformation process success | Allows the user to get a notification when a transformation process succeeds. | |
SQL impersonation | Allows user impersonation while using Tableau's initial SQL feature. |
Note
**The Advance System Properties privilege allows users to modify the following admin access properties:Â
kyvos.cuboid.replication.type
kyvos.query.cuboidcache.strategy
kyvos.query.resultcache.strategy
kyvos.query.cuboidcache.compression
kyvos.query.dfsread.retryonerror.count
kyvos.query.dfsread.verifychecksum
kyvos.query.resultcache.lookup.strategy
kyvos.cuboid.replication.factor
Kyvos.query.cuboidcache.tier
Related topics
Copyright Kyvos, Inc. All rights reserved.