Gathering Interest

A team concept is missing in CDF

Related products:Authentication and Access Management

2 years ago
January 25, 2023
2 replies
60 views

Anders Willersrud
Seasoned

We are working with data in our organization aligned with the data mesh principles:
- Data as a product
- Domain-oriented ownership of data
- Self-service data platform
- Decentralized data governance

Currently the setup for access management in CDF does not support this functionality. A team should be able to create, edit and delete datasets, and data associated with their datasets (e.g., assets, events, sequences).

With the current solution an admin with group:write and dataset:write access needs to create a dataset and create new groups for service accounts/user accounts and add capabilities to read/write resource types within the dataset.

We are thus not able to provide a solution which is self-serviced to teams within our organization where they freely control their data and access to it.

Geir Engdahl
Chief Technology Officer
2 years ago
January 26, 2023

Hi Anders,

I agree with this need, and the clumsiness of the current dataset:read&write access scope. As you say, a team should be able to create their own data set without having privileges that would give them write access to all other datasets. A fix for this is to introduce a dataset:create scope, and which would allow users to create new datasets where they become the owner and gain read&write access to that particular dataset automatically. However, it does not solve the team challenge, where you would need to be able to add team members to a group with the same rights. Having group:write essentially gives full access to everything, so we cannot rely on that. I will loop in the appropriate product managers so they are aware of the problem.

Anita Hæhre
Head of Academy and Community
2 years ago
January 26, 2023

New→Gathering Interest

Anita Hæhre

Cookie Policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

Cookie settings

We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.

Basic
Functional

Normal
Functional + analytics

Complete
Functional + analytics + social media + embedded videos + marketing

Related topics

What is Flexible Data Modeling

CI/CD with CDF Toolkit and GitHub Actions

Release 1.22 of Cognite Maintain

Assets with GeoLocation and large polygonsicon

NEAT Support for Mapping Asset Types to Equipment in CDF Core Data Model (cdf_cmd)icon

Sign up

Log in to the community

Scanning file for viruses.

This file cannot be downloaded

Cookie Policy

Cookie settings