Reference | Permission management on Dataiku Cloud#

A user’s permissions are defined by their user profile and the groups to which they belong.

User profiles#

A user’s profile is defined when inviting the user to the instance. Possible profiles are designer, explorer, or reader. The number of seats for each profile type depends on your subscription.

You can edit the profile assigned to a user by going to the Users, Profiles & Groups panel in your Launchpad, clicking on the button next to the user, and selecting Edit User.

Dataiku screenshot of the users tab in the Dataiku Cloud Launchpad.

Note

The profile “space admin” no longer exists. It is now a group, meaning that a user can be a space admin regardless of whether they have a designer, explorer, or reader seat. Users that had the profile “space admin” have been migrated to the designer profile and added to the space_administrators group to not lose any rights.

Groups#

On Dataiku Cloud, groups and permissions are managed in the Users, Profiles & Groups panel in your Launchpad. In the Groups and Permissions tab, you are able to:

  • Create, edit, or delete groups.

  • Manage group permissions.

  • Control which users are members of groups.

Dataiku screenshot of the groups and permissions tab in the Dataiku Cloud Launchpad.

Dataiku Cloud creates some groups by default to manage your users.

  • Members of space_administrators can administrate the Launchpad. By default, this group is added to every project in all Dataiku instances and the Deployer. This means that (unlike other users) space admins can see and access all projects created on the instance.

  • Members of code-studios-designers can create and use the Code Studios feature. It is created when the corresponding extension is activated, and all designers are automatically added.

  • Members of deployer (API node) and project-deployer (Automation node) can publish on the local Deployer and in the corresponding node. It is created when the extension is activated, and all designers are automatically added.

Group permissions#

If you want to manage group permissions, click on the button for a group, and select Edit Group. You are able to adjust permissions for your Dataiku instance and for panels of the Launchpad.

  • The Space Admin permission gives access to all panels and rights in the Launchpad.

  • The Manage code envs permission allows users to access the Code Envs panel and create, edit, or delete code environments.

Space owner#

The space owner is a member of the space_administrators group and has similar permissions. However, the space owner is the one user that cannot be deleted or withdrawn from the group.

Space ownership can be transferred in the Users, Profiles & Groups panel by clicking on the button next to the user and selecting Transfer Space Ownership.