Content
Momentum provides authentication, authorization and access control at very granular level. This section describes access control features of Impulse.
User Group
Users belong to one of the following groups:
- Admin
- Writer
- Reader
- ReaderWriter
The access level of the members of these groups are described in the following table:
| Functionality | Admin | Reader | Writer | ReaderWriter |
| Data warehouse | ||||
|
yes | no | yes | yes |
|
yes | no | yes | yes |
|
yes | no | yes | yes |
|
yes | no | yes | yes |
|
yes | no | yes | yes |
|
yes | yes | yes | yes |
| Manage User | yes | no | no | no |
| Manage Roles | yes | no | no | owner DW only |
| Monitor Tasks | yes | no | yes | yes |
| SQL | yes | yes | yes | yes |
| API: Query | yes | yes | yes | yes |
| System Config | yes | no | no | no |
| System Services | yes | no | no | no |
Permission Types
- Entire warehouse: all tables within warehouse accessible
- Table or selected group of tables: only the included tables are accessible
Default role: <USER>_OWNER and assigned by default to the user who creates a warehouse
Events, Permissions, and Roles
System automatically creates and delete roles when certain events are triggered. The following table outlines events and different roles that are created or deleted.
| Events | Actions | |
| User signs up | <USER>_OWNER role is auto created | |
| Create a DW |
|
|
| Delete DW |
|
|
| Delete Table |
|