Roles and permission grants work together to determine what data a user can build on, and how they can interact with Sigma Worksheets, Datasets and Dashboards.
- Role: A user’s role determines how a user can interact with the data they have permission to view.
- Permission Grants: Which permissions grants a user has determines which data a user has direct access to build on. Permissions can be assigned at the team or individual level.
How to Assign Permissions
Permissions in Sigma are additive. If you grant the default team “All Members” access to a schema, every member of your organization will have access to data from that schema. You can’t create a team that takes away database access permissions.
Permission grants can be given to teams or to individual members. A user will have permissions to all of the data granted to each of the teams they are a member of, as well as all of the grants they are granted individually.
When setting up permissions in Sigma, it is helpful to first set up your teams. You can then grant permissions to teams and add users to the appropriate teams.
When permissions are granted to a connection, permissions cascade down to all objects in the connection. Similarly, when you grant permissions to a schema, the permission cascade down to all tables in that schema. To write SQL, a user needs permissions against the entire connection.
- Navigate to the ‘Connections’ tab in the left hand navigation panel.
- Navigate to the object you would like to assign permissions for. You can assign permissions at the connection, database, schema, or table level.
- Open the ‘Permissions’ tab.
- Click ‘Add Permission Grant’.
- Search for the team or member you would like to grant permissions to.
- Select permission to grant. You can grant ‘Can Use’ or ‘Can Use & Annotate’. Users with annotation permissions can edit descriptions and column descriptions on tables.
- Click Save.