Sprinkle gives you the flexibility to be in control of your data, and manage access & permissions of groups of users.
Managing, assigning & adjusting various permissions for a huge number of users can be a tedious task. Hence, use groups to efficiently manage access of similar kinds of users.
To quickly get you started with managing the accessibility, Sprinkle has default groups created.
The Admin has complete access to the tool and has no restrictions. They are in charge of administering and facilitating everything on the platform. Admins can be senior members of the data team who has detailed knowledge of the various data systems. The admin can manage other users on the platform and their access.
Their permissions are similar to an admin's, except for the administrative permissions. On the platform, they have access to everything they need to build pipelines, models, reports, dashboards, and more. They can create new datasets from data sources, build models, SQL Transforms, Reports, SQL explore, etc. The group can be used to manage and provide access to Data Engineers and Data Analysts.
This group of users can create and view reports and dashboards. In addition to consuming data assets, users can also create them using self-serve analytics features.
They have view-only permissions on reports and dashboards.
Made to provide API access, this group has permissions to view SQL Explore, Reports, and Model functionalities, along with the create and edit permissions on SQL Transform and DataImports.
Sprinkle provides an option to also create groups according to the customized needs of a group of users in the organization.
To create a new group, through the left navigation panel,
click on Admin -> Access Management -> Groups.
Click on New Group.
Admin can add members to the group easily, just click on Add to get started. From the available drop-down list of the users in Sprinkle, Admin can select the users to add them to the group.
Using the easy & intuitive UI, admins can easily manage the permissions of various groups across the various modules in Sprinkle. Below is a snapshot of the default permissions for the users in various groups.
Along with permissions to various modules, the admin can also manage the access of data to the users in the groups through folders.
Navigate to the folders tab and Add Folder, in case you want to provide additional access to a specific folder to the users in the group. Read more about folders here.
Row-level security lets you manage the row-level access of the models. It lets you restrict users' access only to the relevant rows of data in the table. For example, you can restrict users in Karnataka to access the sales data only relevant to Karnataka from the sales table.
Through the left navigation panel,
click on Admin -> Access Management.
Browse to the Configure Access Tab &
Click on Row Level Security from the left navigation menu. Click on "+Create RLS Attribute" button to add a new RLS attribute. In the below
example, we have created ManagerName, a RLS attribute, that would be used to restrict the sales table entries based on the manager of the sale.
Now navigate to the model section and open the model for which you need to manage the access. Select the Row Level Security Tab and then
Click on Link RLS Attribute to assign RLS Attribute to the Model.
Add USer Attribute
Fill in the Modal form, Select the Attribute created. Then select the Column Name from the Model, based on which the row entries are to be managed for different User Groups. In the below example, the ManagerName attribute is selected, and the Manager column from the test_101 model.
Click Submit, to assign the column to the user attribute ManagerName.
Assign Column to User Attribute
Now admins can use the attribute to manage the row-level access to the model data based on the requirement. For that, the admin user can browse to Admin -> Permissions -> Groups. Select the User Group for which the row-level access needs to be managed and then add the User attribute with the column entry. Only the rows corresponding to the column entry provided would be available to the users belonging to that group.
In the below
example, For the Group Analysts, the RLS attribute is added. The ManagerName attribute has been provided with the value "Jim". So, now only the row entries corresponding to the column entry of Jim is visible to the users in the Analyst Group from the test_101 sales model.
Add User Attribute to Group