Requirements for Common Tasks
Completing Control Hub tasks requires a combination of roles and permissions. The following sections list the requirements to complete common Control Hub tasks.
Connection Tasks
| Task | Roles | Permissions |
|---|---|---|
| Create a new connection. | Connection Editor | Read on the authoring Data Collector |
| Edit a connection. | Connection Editor | Write on connection Read on the authoring Data Collector |
| Delete a connection. | Connection Editor | Write on connection |
| Test a connection. | Connection Editor | Write on connection Read on the authoring Data Collector |
| Use a connection in a pipeline or pipeline fragment. | Pipeline Editor Engine Creator or Administrator Connection User or Editor |
Read on connection Write on pipeline or fragment Read on the authoring engine |
| View pipelines and pipeline fragments using a connection. | Connection User or Editor | Read on connection |
| Start or synchronize a job for a pipeline that uses a connection. | Job Operator Pipeline User or Editor Connection User or Editor |
Read on all connections used in the pipeline Execute on job Read on pipeline Execute on all appropriate engines with the assigned labels |
Data SLA Tasks
The following table lists the role and permission requirements to complete common data SLA tasks:
| Task | Roles | Permissions |
|---|---|---|
| Acknowledge a triggered data SLA alert in the Alerts view. | Notification User Data SLA User or Editor |
Read on data SLA |
| Activate or deactivate a data SLA. | Data SLA Editor Topology User or Editor Job Operator Pipeline User or Editor Metrics Reader |
Execute on data SLA Read on topology Read on all jobs in topology |
| Create a data SLA. | Data SLA Editor Topology User or Editor Job Operator Pipeline User or Editor Metrics Reader |
Read on topology Read on all jobs in topology |
| Delete or edit a data SLA. | Data SLA Editor Topology User or Editor Job Operator Pipeline User or Editor Metrics Reader |
Write on data SLA Read on topology Read on all jobs in topology |
| View a data SLA within the topology. | Data SLA User Topology User or Editor Job Operator Pipeline User or Editor Metrics Reader |
Read on data SLA Read on topology Read on all jobs in topology |
Deployment Tasks
| Task | Roles | Permissions |
|---|---|---|
| Create a deployment. | Deployment Manager | Read on environment |
| Edit, start, stop, and delete the deployment. | Deployment Manager | Write on deployment Read on environment |
| View deployment details. | Deployment Manager | Read on deployment |
Draft Run Tasks
| Task | Roles | Permissions |
|---|---|---|
| Delete a draft run from the Draft Runs view. | Job Operator | Write on pipeline |
| Start a draft run for a draft pipeline from the pipeline canvas. | Pipeline Editor Job Operator Engine Creator or Administrator |
Write on pipeline |
| Stop a draft run from the pipeline canvas. | Pipeline Editor Job Operator Engine Creator or Administrator |
Write on pipeline |
| Stop a draft run from the Draft Runs view. | Job Operator | Write on pipeline |
| View draft run history from the Draft Runs view. | Job Operator | Read on pipeline |
Engine Tasks
| Task | Roles | Permissions |
|---|---|---|
| Assign labels to an engine. | Job Operator | Write on engine |
| Define resource thresholds for an engine. | Job Operator | Write on engine |
| Delete an engine. | Engine Administrator Deployment Manager |
Write on engine |
| Restart or shut down an engine in the Engines view. | Engine Administrator | Read on engine |
| Upload external resources for an engine. | Engine Administrator | Read on engine |
| Access the Engines view and view the Details, Configuration, and Metrics tabs when viewing engine details. | Job Operator | Read on engine |
| View the External Resources, Logs, Thread Dump, Support Bundle, Directories, and Health tabs when viewing engine details. | Engine Administrator Job Operator |
Read on engine |
Environment Tasks
The following table lists the role and permission requirements to complete common environment tasks:
| Task | Roles | Permissions |
|---|---|---|
| Create an environment. | Environment Manager | Not applicable |
| Edit, activate, deactivate, and delete the environment. | Environment Manager | Write on environment |
| View environment details. | Environment Manager | Read on environment |
Job Tasks
The following table lists the role and permission requirements to complete common job tasks:
| Task | Roles | Permissions |
|---|---|---|
| Create a job from a pipeline. | Job Operator Pipeline User or Editor |
Read on pipeline |
| Delete a job. | Job Operator | Write on job |
| Edit a job. | Job Operator Pipeline User or Editor |
Write on job Read on pipeline |
| Export a job. | Job Operator Pipeline User or Editor |
Read on job |
| Import a job. | Job Operator Pipeline Editor |
Not applicable |
| Monitor a job. | Job Operator Pipeline User or Editor Metrics Reader |
Read on job Read on pipeline Read on all appropriate engines with the assigned labels |
| Reset the origin for a job. | Job Operator Pipeline User or Editor |
Execute on job Read on pipeline |
| Upload an initial offset file for a job. | Job Operator Pipeline User or Editor |
Write on job |
| Start, synchronize, and stop a job. | Job Operator Pipeline User or Editor |
Execute on job Read on pipeline Execute on all appropriate engines with the assigned labels |
Job Template Tasks
The following table lists the role and permission requirements to complete common job template tasks:
| Task | Roles | Permissions |
|---|---|---|
| Archive a job template. | Job Operator | Write on job template |
| Create a job template. | Job Operator Pipeline User or Editor |
Read on pipeline |
| Create and start job instances from a job template. | Job Operator Pipeline User or Editor |
Execute on job template Read on pipeline Execute on all appropriate engines with the assigned labels |
| Delete a job template. | Job Operator | Write on job template |
| Edit a job template. | Job Operator Pipeline User or Editor |
Write on job template Read on pipeline |
| Export a job template. | Job Operator Pipeline User or Editor |
Read on job template |
| Import a job template. | Job Operator Pipeline Editor |
Not applicable |
Pipeline Fragment Tasks
| Task | Roles | Permissions |
|---|---|---|
| Create and remove tags for a fragment. | Pipeline Editor | Write on fragment |
| Delete a fragment version. | Pipeline Editor | Write on fragment |
| Create a new fragment, including publishing the fragment. | Pipeline Editor Job Operator Engine Creator or Administrator |
Read on the authoring engine |
| Configure a fragment, including publishing the fragment. | Pipeline Editor Job Operator Engine Creator or Administrator |
Write on fragment Read on the authoring engine |
| Use a fragment in a pipeline. | Pipeline Editor Job Operator Engine Creator or Administrator |
Read on fragment Write on pipeline Read on the authoring engine |
| Export a fragment. | Pipeline User or Editor | Read on fragment |
| Import a fragment. | Pipeline Editor | Not applicable |
| View configuration details and version history. | Pipeline User or Editor | Read on fragment |
Pipeline Tasks
The following table lists the role and permission requirements to complete common pipeline tasks:
| Task | Roles | Permissions |
|---|---|---|
| Create and remove tags for a pipeline. | Pipeline Editor | Write on pipeline |
| Delete a pipeline version. | Pipeline Editor | Write on pipeline |
| Create a new pipeline, including performing data preview and explicit validation and publishing the pipeline. | Pipeline Editor Job Operator Engine Creator or Administrator |
Read on the authoring engine |
| Create a pipeline from a user-defined sample pipeline. | Pipeline Editor Job Operator Engine Creator or Administrator |
Read on sample pipeline Read on the authoring engine |
| Configure a pipeline, including performing data preview and explicit validation and publishing the pipeline. | Pipeline Editor Job Operator Engine Creator or Administrator |
Write on pipeline Read on the authoring engine |
| Export a pipeline. | Pipeline User or Editor | Read on pipeline |
| Import a pipeline. | Pipeline Editor | Not applicable |
| View configuration details and version history. | Pipeline User or Editor | Read on pipeline |
Provisioning Tasks
| Task | Roles | Permissions |
|---|---|---|
| Create a legacy deployment. | Provisioning Operator | Not applicable |
| Delete and edit an inactive legacy deployment. | Provisioning Operator | Write on deployment |
| Delete a Provisioning Agent from Control Hub. | Provisioning Operator | Write on Provisioning Agent |
| Scale, start, and stop a legacy deployment. | Provisioning Operator | Execute on deployment |
| View legacy deployment configuration details. | Provisioning Operator | Read on deployment |
| View Provisioning Agent configuration details. | Provisioning Operator | Read on Provisioning Agent |
Scheduled Tasks
The following table lists the role and permission requirements to complete common tasks for scheduled tasks in the Control Hub scheduler:
| Task | Roles | Permissions |
|---|---|---|
| Create a scheduled task for a job. | Scheduler Operator Job Operator |
Execute on job
|
| View and monitor a scheduled task. | Scheduler Operator | Read on scheduled task |
| Edit a scheduled task. | Scheduler Operator | Write on scheduled task |
| Pause, resume, kill, or delete a scheduled task. | Scheduler Operator | Execute on scheduled task |
Sequence Tasks
The following table lists the permission requirements to complete common tasks for sequences. Sequence tasks do not have any role requirements.
| Task | Permissions |
|---|---|
| Create a sequence. | Not applicable |
| Add jobs to a sequence. | Read on jobs |
| View and monitor a sequence. | Read on sequence |
| View names of jobs included in a sequence. | Read on sequence Read on jobs |
| Edit a sequence, including enabling and disabling a sequence. | Write on sequence |
| Manually run a sequence. | Execute on sequence |
Subscription Tasks
The following table lists the role and permission requirements to complete common subscription tasks:
| Task | Roles | Permissions |
|---|---|---|
| Create a subscription. | Notification User | Not applicable |
| View a subscription. | Notification User | Read on subscription |
| Manage a subscription - including editing, enabling, disabling, and deleting a subscription. | Notification User | Write on subscription |
Topology Tasks
The following table lists the role and permission requirements to complete common topology tasks:
| Task | Roles | Permissions |
|---|---|---|
| Create a topology. | Topology Editor | Not applicable |
| Delete topology versions. | Topology Editor Job Operator Pipeline Editor |
Write on topology |
| Export a topology. | Topology User or Editor Job Operator Pipeline User or Editor |
Read on topology |
| Import a topology. | Topology Editor Job Operator Pipeline Editor |
Not applicable |
| Map jobs and systems in a topology. | Topology Editor Job Operator Pipeline Editor |
Write on topology Read on all jobs in topology Read on all pipelines in topology |
| Monitor a topology. | Topology User or Topology Editor Job Operator Pipeline User or Editor Metrics Reader |
Read on topology Read on all jobs in topology Read on all pipelines in topology |
| View a topology. | Topology User or Topology Editor Job Operator Pipeline User or Editor |
Read on topology Read on all jobs in topology Read on all pipelines in topology |