On this page

    Access Management

    Dremio allows for the implementation of granular-level privileges, which defines a user/role’s access and available actions for specific objects, such as a dataset, project, or cloud. This is called access management, and gives administrators the ability to restrict access to any object in Dremio.

    The following features are available:

    • Fine-grained Privileges. Numerous new privileges enable users to perform a wider range of operations in Dremio.
    • Privileges on Objects. Privileges may be set on individual datasets or whole schemas, allowing for a simplified configuration with larger catalogs.
    • Flexible Management. Privileges can be easily configured using SQL Commands, REST APIs, and an intuitive and easy-to-use user interface.
    • Ownership. An object-oriented model allows for a clearly-defined and transferable owner for all aspects in Dremio, including cloud and engine configuration. Users with ownership over an object will automatically retain all privileges necessary to modify the object and read/write its data.
    • Users & Roles. Administrators may create and manage identities in Dremio or using external identity providers (IdP).

    The following help topics cover the various aspects of access management, along with instructions for how to apply privileges via Dremio:

    The following SQL commands may be used from the SQL Runner: