- 24 Jan 2023
- 3 Minutes to read
-
Print
-
DarkLight
Resource Groups
- Updated on 24 Jan 2023
- 3 Minutes to read
-
Print
-
DarkLight
This is a machine-translated version of the original Japanese article.
Please understand that some of the information contained on this page may be inaccurate.
summary
The Teams feature in TroCCO allows you to grant roles to resource groups on a per-team basis.
Members of a team that has been granted a role can perform the operations that the role allows.
Role permissions
The scope of operation permissions managed by roles on resource groups can be broadly divided into the following two.
- Resource Groups
- Each resource (belonging to a resource group)
Each role is allowed to do the following:
Operation permissions for resource groups
RolesAdministratorEditorsOperatorsReaderNo
Operations\ | RoleSupplement | |||||
---|---|---|---|---|---|---|
Edit a resource group | ✓ | - | - | - | - | Resource group name and notes can be edited |
Delete a resource group | ✓ | - | - | - | - | |
Resource group permissions | ✓ | - | - | - | - | Can be granted or removed roles from teams |
View a list of resources in a resource group | ✓ | ✓ | ✓ | ✓ | - | |
View resource group details | ✓ | ✓ | ✓ | ✓ | ✓ |
Operational permissions for each resource
RolesAdministratorEditorsOperatorsReaderNo
Operations\ | RoleSupplement | |||||
---|---|---|---|---|---|---|
Editing Resources | ✓ | ✓ | - | - | - | Includes an operation to add a resource to a resource group |
Duplicate a resource | ✓ | ✓ | - | - | - | Connection information, dbt Git repository, dbt job settings cannot be replicated |
Deleting a resource | ✓ | ✓ | - | - | - | |
Resource Execution | ✓ | ✓ | ✓ | - | - | |
Browse resources | ✓ | ✓ | ✓(*) | ✓(*) | - | * In the case of the operator/viewer role dbt Git repository and connection information details screen cannot be viewed. |
Viewing the Job Execution Log | ✓ | ✓ | ✓ | ✓ | - |
The creator of a resource group or resource has the same operational privileges as a user with an administrator role for each.
In the case where a resource group grants different roles to multiple teams, users who belong across multiple teams that are granted roles will have duplicate roles for that resource group.
In this case, the user is given a role with broader privileges.
The containment relationship between roles is "administrator⊃editor⊃ operator⊃ viewer".
The following is an explanation using specific examples.
- Have users who belong to both the "Engineering Team" and the "Sales Team"
- The Data Analysis Resource Group is
- The engineering team has been granted the Editor role
- The sales team has been granted the operator role
Users can then perform operations on the Data Analysis resource group and the resources under them as permitted by the Editor role.
Resource group list screen
On the resource group list screen, you can check the list of resource groups that exist in your TroCCO account, and create, edit, and delete resource groups.
All resource groups created in your TroCCO account, including resource groups that have not been assigned roles to your team, are displayed on the resource group list screen.
Create a new resource group
You must have administrator privileges for your TroCCO account.
For more information about trocco account permissions, please refer to Permissions for Your Users.
Resource group details screen
On the resource group list screen, click each resource group name or details to display it.
The following is the resource group details screen from the perspective of a user with an administrator role.
(1) Edit
Edit the resource group name and notes.
(2) Delete
Delete a resource group.
Once you delete a resource group, you can't get it back. Please be careful.
(3) Permission settings
Grant each team a role for the resource group.
(4) Delete a role
Delete a role that has been granted to the team.
(5) Resource group creator
The resource group creator is displayed.
The resource group creator has the same operation privileges as a user with the administrator role for the resource group.
(6) Resource List
A list of resources appears.
You can click the tabs to switch the types of resources displayed.
For users who do not have a role for the resource group, the resource list is not displayed.
(7) Resource Details
Click to go to the details screen of the corresponding resource.
Details screen for each resource
The following section describes the details screen of the transfer settings as seen from the perspective of a user with an administrator role as an example.
If a user does not have a role for the resource group that contains the resource, the resource details screen cannot be viewed.
(1) Execution
Run the resource.
Only users with the role of Operator or higher can operate the operation.
(2) Edit
Edit the resource.
Only users with the Editor role or higher can operate the operation.
- You can add resources to a resource group from the new or edit screen for each resource.
- You cannot add a resource to more than one resource group.
(3) Reproduction
Clone the resource.
Only users with the Editor role or higher can operate the operation.
(4) Delete
Delete the resource.
Only users with the Editor role or higher can operate the operation.
Once you delete a resource, you can't get it back. Please be careful.
(5) Resource creator
The resource creator is displayed.
The resource creator has the same operation privileges as a user who has the administrator role for the resource.
(6) Reflected in Git
You can integrate Git repositories with resource groups.
For details, please refer to About Git repository integration.