Communities
A collaborative platform to connect and grow with like-minded Informaticans across the globe
Product Communities
Connect and collaborate with Informatica experts and champions
Discussions
Have a question? Start a Discussion and get immediate answers you are looking for
User Groups
Customer-organized groups that meet online and in-person. Join today to network, share ideas, and get tips on how to get the most out of Informatica
Get Started
Community Guidelines
Knowledge Center
Troubleshooting documents, product guides, how to videos, best practices, and more
Knowledge Base
One-stop self-service portal for solutions, FAQs, Whitepapers, How Tos, Videos, and more
Support TV
Video channel for step-by-step instructions to use our products, best practices, troubleshooting tips, and much more
Documentation
Information library of the latest product documents
Velocity (Best Practices)
Best practices and use cases from the Implementation team
Learn
Rich resources to help you leverage full capabilities of our products
Trainings
Role-based training programs for the best ROI
Certifications
Get certified on Informatica products. Free, Foundation, or Professional
Product Learning Paths
Free and unlimited modules based on your expertise level and journey
Resources
Library of content to help you leverage the best of Informatica products
Tech Tuesdays Webinars
Most popular webinars on product architecture, best practices, and more
Product Availability Matrix
Product Availability Matrix statements of Informatica products
SupportFlash
Monthly support newsletter
Support Documents
Informatica Support Guide and Statements, Quick Start Guides, and Cloud Product Description Schedule
Product Lifecycle
End of Life statements of Informatica products
Ideas
Events
Change Request Tracking
Marketplace
English
  • Informatica Data Quality H2L
  • All Products

Table of Contents

Search

  1. Abstract
  2. Supported Versions
  3. Using Groups and Roles to Manage Informatica Access Control

Using Groups and Roles to Manage Informatica Access Control

Using Groups and Roles to Manage Informatica Access Control

Back Next

Predefined Custom Roles

Predefined Custom Roles

Examine the predefined roles in the Administrator tool to determine whether you can assign these roles to your groups. Predefined roles include custom roles for the PowerCenter Repository Service, Metadata Manager Service, and Reporting Service.
The PowerCenter Repository Service roles are designed to create a secure production environment. You might want to assign the predefined PowerCenter Repository Service roles to groups to ensure that users access only what they need. Along with the roles, assign repository object permissions to define a group's level of access to repository objects.
The following table describes how you can use the PowerCenter Repository Service custom roles to create a secure environment:
PowerCenter Repository Service Custom Role
Description
PowerCenter Connection Administrator
Designed for administrators who create connection objects in the Workflow Manager. These administrators have access to source and target databases and applications. Assign this role to a small number of users to maintain source and target security.
PowerCenter Repository Folder Administrator
Designed for administrators who manage repository folders, deployment groups, labels, and queries. These administrators have access to metadata across repository folders. Assign this role to a small number of users to maintain repository folder security.
PowerCenter Developer
Designed for a developer who creates source definitions, target definitions, design objects, and workflows, and who runs and monitors workflows. Assign this role along with folder and global object permissions to restrict user access to the repository metadata that they need.
PowerCenter Operator
Designed for a workflow operator who runs and monitors workflows. In a production environment, you might want to assign this role to an automated user that a script uses to run and monitor workflows. If the automated user’s login credentials are accessed, the user account cannot be used to change repository metadata.
If the predefined custom roles do not meet your needs, you can edit the privileges in the predefined custom roles or create your own custom roles.
The Administrator role is a system-defined role that you cannot edit or delete. The role includes all privileges for the domain and each application service type. In addition, the role bypasses permission checking. Users with the Administrator role can access all objects. To maintain security, limit the number of users assigned the Administrator role.
0 COMMENTS
We’d like to hear from you!