...
- Create needs a WRITE on the parent
- Delete needs an ADMIN on the entity
- Delete all deletes all entities the user has privileges for and shows errors for the ones not deleted.
- List needs a READ/WRITE?/ADMIN on the entity.
- Get needs a READ on the entity and READ on the parent.
- Setting preferences needs WRITE on the entity
- Getting preferences needs READ on the entity
- Update needs ADMIN on the entity
- Adding metadata needs ADMIN on the entity
- Reading metadata needs READ on the entity
...
Entity | Operation | Required Privileges | Resultant Privileges | Notes |
---|---|---|---|---|
Namespace | create | WRITE (Instance) | ALL (Namespace) | |
update | ADMIN (Namespace) | |||
list | READ/WRITE/ADMIN (Namespace) | Listing will list all the namespaces, even if the current user does not have access to it. | ||
get | READ (Namespace) | |||
delete | ADMIN (Namespace) | |||
set preference | WRITE (Namespace) | |||
get preference | READ (Namespace) | |||
search | READ (Namespace) | |||
Artifact | add | WRITE (Namespace) | ALL (Artifact) | |
delete | ADMIN (Artifact) | |||
get | READ (Artifact) | |||
list | READ/WRITE/ADMIN (Artifact) | |||
write property | ADMIN (Artifact) | |||
delete property | ADMIN (Artifact) | |||
get property | READ (Artifact) | |||
write metadata | ADMIN (Artifact) | |||
read metadata | READ (Artifact) | |||
Application | deploy | WRITE (Namespace) READ(Artifact if deployed from an artifact) | ALL (Application) | |
get | READ (Application) | |||
list | READ/WRITE/ADMIN (Application) | |||
update | ADMIN (Application) | |||
delete | ADMIN (Application) | |||
set preference | WRITE (Application) | |||
get preference | READ (Application) | |||
add metadata | ADMIN (Application) | |||
get metadata | READ (Application) | |||
Programs | start/stop/debug | EXECUTE (Program) READ (Namespace) | ||
set instances | ADMIN (Program) | |||
list | READ/WRITE/ADMIN (Program) | |||
set runtime args | ADMIN (Program) | |||
get runtime args | READ (Program) | |||
get instances | READ (Program) | |||
set preference | WRITE (Program) | |||
get preference | READ (Program) | |||
get status | READ (Program) | |||
get history | READ (Program) | |||
add metadata | ADMIN (Program) | |||
get metadata | READ (Program) | |||
emit logs | WRITE (Namespace) | |||
view logs | READ (Program) | |||
emit metrics | WRITE (Namespace) | |||
view metrics | READ (Program) | |||
Streams | create | WRITE (Namespace) | ALL (Stream) | |
update properties | ADMIN (Stream) | |||
delete | ADMIN (Stream) | |||
truncate | ADMIN (Stream) | |||
enqueue asyncEnqueue batch | WRITE (Stream) READ (Namespace) | |||
get | READ (Stream) READ (Namespace) | |||
list | READ/WRITE/ADMIN (Streams) | |||
read events | READ (Stream) READ (Namespace) | |||
set preferences | WRITE (Stream) | |||
get preferences | READ (Stream) | |||
add metadata | ADMIN (Stream) | |||
get metadata | READ (Stream) | |||
view lineage | READ (Stream) | |||
emit metrics | WRITE (Namespace) | |||
view metrics | READ (Stream) | |||
Datasets | create | WRITE (Namespace) | ALL (Dataset) | |
get | READ (Dataset) READ(Namespace) | |||
list | READ/WRITE/ADMIN (Datasets) | |||
update | ADMIN (Dataset) READ(Namespace) | |||
drop | ADMIN (Dataset) | |||
truncate | ADMIN (Dataset) | |||
upgrade | ADMIN (Dataset) | |||
add metadata | ADMIN (Dataset) | |||
get metadata | READ (Dataset) | |||
view lineage | READ (Dataset) | |||
emit metrics | WRITE (Namespace) | |||
view metrics | READ (Dataset) |