Managing user access

Security in IBM® watsonx.data is based on roles. A role is a group of permissions that control the actions you can perform in watsonx.data. To perform certain actions and manage specific sessions in watsonx.data, the user must also have the appropriate authorization.

watsonx.data Developer edition

watsonx.data on Red Hat® OpenShift®

About this task

Authorization is granted by assigning a specific role to the user account. Use the Role Based Access Control feature in watsonx.data to grant users the access privileges they require for their role.

Procedure

  1. Log in to the watsonx.data console.
  2. From the navigation menu, select Access control. Under the Infrastructure tab, the different components (Engine, Catalog, Bucket, and Database) are displayed in the table.
  3. Click the overflow icon in the components row and then click Manage access. Alternatively, you can click the Display name of the component. The selected component page opens.
  4. Under the Access control tab, click Add access.
  5. In the Add access window, provide the following details.
    Field Description
    Name You can select individual users or a user group.
    Role Select the role from the drop-down list. You can assign roles based on the component type. For more information, see Roles and privileges.
  6. Click Add. The user is added and assigned the role.
  7. To change the role that is assigned to a user, complete the following steps:
    1. Under the Infrastructure tab, click the Display name of the component in the table.
    2. The Access control tab for selected component opens.
    3. Click the overflow menu for the selected user and then select Change role.
    4. In the Change role window, select the role from the drop-down list.
    5. Click Save.
  8. To remove a user for a component, complete the following steps:
    1. Under the Infrastructure tab, click the Display name of the component in the table.
    2. The Access control tab for the selected component opens.
    3. Click the overflow menu for the selected user and then select Remove.
    4. In the Confirm removal window, click Remove.
    Note: When you add a user to watsonx.data instance and grant that user access control of a pre-defined catalog, that user cannot be removed.