Syntasa Application - Role Based Access Control
Syntasa consists of multiple components and modules, each serving distinct purposes. This article explains how role access is managed across the core components of the Syntasa application.
System Admin is the top most role that has permission for all modules and components. There is no restriction to this role.
Access to the main Syntasa application components is limited to the following roles:
- System Admin
- DataAI Admin
- DataAI User
All other roles are module-specific and do not have access to the core application components. For details on module-level access and roles, refer to article Role Based Access Control (RBAC) at Modules level
Below is the complete list of Syntasa application components that are accessible to users with access to the main Syntasa application. Please note:
- The (+) icon in Yes(+) indicates that the user has the ability to create the specific object.
- A value of Yes indicates that the user can access or view the object but cannot create it, or that a create option is not available for that screen.
| Menu | Submenu / Object | System Admin | DataAI Admin | DataAI User |
|---|---|---|---|---|
| Workspace | App | Yes(+) | Yes (+) | Yes (+) |
| Workspace | Dashboard | Yes(+) | Yes (+) | Yes (+) |
| Workspace | Notebook | Yes(+) | Yes (+) | Yes (+) |
| Workspace | Folder | Yes(+) | Yes (+) | Yes (+) |
| Workspace/ Dashboards | Dashboards | Yes(+) | Yes (+) | Yes (+) |
| Dashboards | Analytics | Yes | Yes | Yes |
| Dataflows | Dataflows | Yes(+) | Yes (+) | Yes (+) |
| Activity | Job Tracker | Yes | Yes | Yes |
| Activity | Executions | Yes | Yes | Yes |
| Activity | Tasks | Yes | Yes | Yes |
| Activity | Events | Yes | Yes | Yes |
| Activity | Runtime Management | Yes | Yes | No |
| User-Defined Process | UDP | Yes(+) | Yes (+) | Yes |
| Resources | Runtimes | Yes(+) | Yes (+) | Yes |
| Resources | Connections | Yes(+) | Yes (+) | Yes |
| Resources | Credentials | Yes(+) | Yes (+) | Yes |
| Resources | Datastores | Yes(+) | Yes (+) | Yes |
| Resources | Files | Yes(+) | Yes (+) | Yes (+) |
| Resources | Events | Yes(+) | Yes (+) | Yes |
| Integrations | ML Flow | Yes | Yes | No |
| Integrations | Notebook Workspace | Yes(+) | Yes (+) | Yes |
| Config -> Admin Center | Users | Yes(+) | No | No |
| Config -> Admin Center | User Groups | Yes(+) | No | No |
| Config -> Admin Center | Tags | Yes(+) | No | No |
| Config -> Admin Center | Infrastructure | Yes | No | No |
| Configuration | Trash | Yes | Yes | Yes |
Dashboard-Specific Roles
There are two additional roles specific to the Dashboard component: Dashboard Viewer and Dashboard User.
Dashboard Viewer
A user with the Dashboard Viewer role can view dashboards but cannot create new dashboards or modify or delete existing ones. This role also does not have access to the Analytics screen.
Dashboard User
A user with the Dashboard User role can create, update, and delete dashboards, subject to sharing permissions. This role also has access to the Analytics screen.
| Menu | Submenu / Object | Dashboard User | Dashboard Viewer |
|---|---|---|---|
| Dashboard | Dashboard | Yes(+) | Yes |
| Dashboard | Analytics | Yes | No |