Check the
documentation
Ask the
Community
Take a look
at
Academy
Cognite
Status
Page
Contact
Cognite Support
Currently, tansformation:write defines access for running the transformation as well as deploying it.
Having two separate access levels (e.g. transfo:run and transfo:desploy, or simply keep transfo:write for deploying and have a new one transfo:run for executing the transfo) would greatly improve access control.
It would allow for better adherence to access policy without hurting user experience, since deploying transformations to an environment is much more delicate than simply running an already tested and stable transformation.
The same concept can be applied for functions!
Gathering Interest
Transformation capability access granularity
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.