Predefined Anzo Roles and Permissions

This topic describes the roles that are predefined in Anzo and lists the permissions that are assigned to each role by default. The predefined roles can be removed or modified as desired. For instructions on changing roles, see Creating and Managing Roles.

System Administrator

The System Administrator account, usually named sysadmin, is created during the Anzo installation. This account has permission to access all Anzo features in the main Anzo application as well as administrative features in the Administration application. In addition, the sysadmin user has read and write access to all of the artifacts (such as data sources, models, and pipelines) that are created by all Anzo users. The sysadmin user permissions cannot be changed, and the account cannot be deleted. In addition, artifacts cannot be configured to restrict sysadmin access. For information about changing the system administrator password, see Change the sysadmin Password.

Base Permissions (Everyone and Authenticated User Roles)

There is a set of base permissions that are applied to all user accounts by default. If a user account is created in Anzo but no roles are assigned, that user has the permissions of the Authenticated User role. By default, authenticated users cannot access the Anzo application but can access the Hi-Res Analytics application where they can browse for and create dashboards. They can also view data that is shared from Data on Demand endpoints.

If Anonymous User Access is enabled on the system, unauthenticated users (users who do not have a user account in Anzo) have the permissions that are included in the Everyone role. The Everyone role is only used to apply permissions for unauthenticated users when anonymous access is allowed. For information about anonymous access, see Configure Anonymous User Access.

The image below shows an example of the view an authenticated user has in the Hi-Res Analytics application.

Anzo Administrator

By default the Anzo Administrator role has access to all menus and features in the Anzo application as well as the Administration application. The image below shows an example of the view a user with the Anzo Administrator role has in the Anzo application.

Having full access to all features does not mean the Anzo Administrator has full access to all of the data in the system. Unlike the sysadmin user, Anzo Administrators must still be granted data access to specific artifacts. For example, if the Anzo Administrator role is assigned the Manage Graphmarts permission, a user with that role can activate and deactivate all graphmarts, but they cannot view the data contained in all of the graphmarts unless that role is granted data access to each graphmart.

The following image shows an example of the Anzo Administrator view of the Administration application.

Data Analyst

By default the Data Analyst role has access to the Blend menu, Access menu, and Activity Log in the Anzo application. The image below shows an example of the view a user with the Data Analyst role has in the Anzo application.

Members of the Data Analyst role can:

  • View the Datasets catalog
  • View and create graphmarts
  • View and create Hi-Res Analytics dashboards
  • View the Activity Log
  • Access data with the Query Builder
  • Create and access Data on Demand endpoints

Data Citizen

By default the Data Citizen role has access to the Blend menu, Access menu, and Activity Log in the Anzo application. The image below shows an example of the view a user with the Data Citizen role has in the Anzo application.

Members of the Data Citizen role can:

  • View the Datasets catalog
  • View graphmarts
  • View and create Hi-Res Analytics dashboards
  • View the Activity Log
  • Access data with the Query Builder
  • Create and access Data on Demand endpoints

Data Curator

By default the Data Curator role has access to the Onboard menu, Model manager, Blend menu, Access menu, and Activity Log in the Anzo application. The image below shows an example of the view a user with the Data Curator role has in the Anzo application.

Members of the Data Curator role can:

  • Connect to data sources and onboard structured and unstructured data
  • View and create data models
  • View the Datasets catalog
  • View and create graphmarts
  • View and create Hi-Res Analytics dashboards
  • View the Activity Log
  • Access data with the Query Builder
  • Create and access Data on Demand endpoints

Data Governor

By default the Data Governor role has access to the Onboard menu, Model manager, Blend menu, Access menu, and Activity Log in the Anzo application. The image below shows an example of the view a user with the Data Governor role has in the Anzo application.

Members of the Data Governor role can:

  • Connect to data sources and onboard structured and unstructured data
  • View and create data models
  • View the Datasets catalog
  • View and create graphmarts
  • View and create Hi-Res Analytics dashboards
  • View the Activity Log
  • Access data with the Query Builder
  • Create and access Data on Demand endpoints

Data Scientist

By default the Data Scientist role has access to the Onboard menu, Model manager, Blend menu, Access menu, and Activity Log in the Anzo application. The image below shows an example of the view a user with the Data Scientist role has in the Anzo application.

Members of the Data Scientist role can:

  • Connect to data sources and onboard structured and unstructured data
  • View and create data models
  • View the Dataset catalog
  • View and create graphmarts
  • View and create Hi-Res Analytics dashboards
  • View the Activity Log
  • Access data with the Query Builder
  • Create and access Data on Demand endpoints

To review the specific permissions for each role, select Roles in the User Management menu in the Admin application. Click a role to open the Edit dialog box and review the permissions. For more information about the permissions, see Role Permissions Reference.