Users and Access Administration
User Access Control for the DataOps Platform
User access to the DataOps platform is managed through Blindata permissions and enforced by the Blindata Agent. To grant or modify permissions for a user, please follow this guide.
For detailed information on the available permissions for the DataOps platform, refer to the following sections:
A DATAOPS_ADMIN user always has full access to the services exposed by the DataOps platform.
Granular Control and Permission Inheritance
In addition to general permissions, more specific, granular access to individual Data Products can be granted. This can be done through the Stewardship Module, as outlined in the Stewardship Responsibilities Guide, or by assigning Data Products to a Team with specific policies, managed through the Teams Management Guide.
Permissions for Data Products on the platform can be inherited from Blindata Data Products. In Blindata, permissions are managed using Teams by associating Blindata objects with teams that have predefined access policies. For example:
- John can read objects associated with the “Finance” team.
Alternatively, Access Control Lists (ACLs) can be enabled based on responsibilities assigned to specific objects. For example:
- Mary is the Data Product Owner for the “Invoices” Data Product and has full access to it.
This approach allows fine-tuned access control, whether through teams or ACL-based responsibilities, to ensure users have the appropriate level of access to data products based on their roles.
Permission Overview by Functionality
The following table outlines the required permissions for various functionalities in the DataOps platform:
Functionality | Permissions | Team | Stewardship |
---|---|---|---|
Activity creation | DATAOPS_EDITOR | ✔️ | ✔️ |
Activity start | DATAOPS_EDITOR | ✔️ | ✔️ |
Activity delete | DATAOPS_EDITOR | ✔️ | ✔️ |
Task stop | DATAOPS_EDITOR | ✔️ | ✔️ |
Data Product creation | DATAOPS_EDITOR | | |
Data Product modification | DATAOPS_EDITOR | ✔️ | ✔️ |
Data Product deletion | DATAOPS_EDITOR | ✔️ | ✔️ |
Data Product Version publication | DATAOPS_EDITOR | ✔️ | ✔️ |
Blueprint registration | DATAOPS_ADMIN, BLUEPRINTS_ADMIN | | |
Blueprint instantiation | DATAOPS_EDITOR, BLUEPRINT_EDITOR | | |
Policy deployment | DATAOPS_ADMIN, GOVERNANCE_POLICIES_ADMIN | | |
This table provides a quick reference for understanding the permissions required for managing various tasks and data products within the DataOps platform.