This functionality is for Dremio v16.0+ Enterprise Edition only. If you’re using earlier than v16.0+, then view the previous access control functionality at theUsers, Groups, and Roles and Sharing and Permissions pages.
Dremio allows for the implementation of granular-level privileges which control a user or group’s access and actions with regard to objects. This functionality is called access control, and enables administrators to manage who has permissions to view or alter specific objects.
The following features are available to control user/role access:
- Fine-grained Privileges. Numerous new privileges enable users to perform a wider range of operations in Dremio.
- Privileges on Objects and Schemas. Privileges may be set on individual datasets or whole schemas, allowing for a simplified configuration with larger catalogs.
- Flexible Management. Privileges can be easily configured using SQL Commands, REST APIs, and an intuitive and easy-to-use user interface.
- Local Users & Roles (18.0+). Administrators may create and manage identities in Dremio alongside identities from corporate LDAP or IdP, including standards-based synchronization (SCIM).
- Ownership. An object-oriented model allows for a clearly-defined and transferable owner for all aspects in Dremio, including source and space configuration.
The following help topics cover the various aspects of access control:
The following APIs are available for managing access control:
The following SQL commands may be used from the SQL Editor: