Roles
Overview
On the Roles page, you can manage various administrative roles within QueryPie. This document provides guidance on configuring administrative roles, the types of policies, and how to manage these roles effectively.
Configuring an Administrator Role
Administrator roles in QueryPie are composed of roles and policies.
Administrator Roles: These are units assigned to users, comprising a set of policies.
Default roles are labeled as Created by System.
The owner role has full authority over the entire QueryPie system and is restricted from modification or deletion.
Other roles can be modified and utilized as needed.
In addition to default roles, users can create custom roles.
Administrator Policies: These are collections of permissions.
Individual policies define access rights to specific menus and detailed functionalities within the administrator page.
Addition, modification, and deletion of policy levels are not permitted.
Viewing Administrator Roles
On the Roles page, you can view the currently registered administrator roles. You can search by name.
The default administrator roles provided by QueryPie are labeled as Created by System.
The Owner role is an administrator role with full access to the QueryPie system and cannot be modified or deleted.
Viewing Administrator Role Details
In the Roles list, click on the role you want to view details for to enter the detailed page.
The Detail tab displays the list of policies assigned to the currently viewed administrator role.
Assigning Policies to an Administrator Role
In the Roles list, click on the administrator role to which you want to assign additional policies to enter the detail page. Click the
Assign Policies
button to open the modal.The modal will display a list of policies that are not currently assigned to that role. Click on the desired policies to add them, and then click the
Assign
button to save the changes.
On the administrator role detail page, you can view the list of newly assigned policies.
Removing Policies from an Administrator Role
In the Roles list, access the detail page of the administrator role from which you want to remove policies. In the Detail tab, check the policies you wish to remove from the policy list and click the Delete
button. Confirm the removal by clicking OK
in the confirmation modal.
Updating an Administrator Role
In the Roles list, navigate to the detailed page of the administrator role you wish to modify. Click the Edit button to open the modification modal, where you can update the role's name and description.
Deleting an Administrator Role
There are two ways to delete administrator roles that are no longer in use.
When an administrator role is deleted, it is immediately revoked from all users who were assigned that role. Since role deletion cannot be undone, please proceed with caution. Image있음 안에
Deleting an Administrator Role from the Roles List
In the Roles list, select the role you wish to delete by checking the corresponding checkbox. Then, click the Delete
button in the table header. In the confirmation modal, correctly enter the deletion confirmation phrase “DELETE” and click the Delete
button to complete the removal of the administrator role.
Deleting an Administrator Role from a Detail Page
From the Roles list, navigate to the detail page of the administrator role you want to delete. Click the Delete
button to open the confirmation modal, then correctly enter the confirmation text "DELETE" and click the Delete
button to complete the deletion of the administrator role.
Reference: Types of Administrator Policies
You can check the permissions for each administrator policy and the QueryPie product license information required for each policy to be activated below:
Policy Name | Description | License |
User Management Full Access | Can access and modify Users and Groups menu | Default |
User Management Read Only | Can access Users and Groups menu | Default |
Group Management Full Access | Can access and modify Group menu | Default |
Group Management Read Only | Can access Groups menu | Default |
General Setting Full Access | Can access and modify General menu | Default |
Security Setting Full Access | Can access and modify Security menu | Default |
Allowed Zone Full Access | Can access and modify Allowed Zones menu | Default |
Alert Setting Full Access | Can access and modify Alert menu | Default |
Channel Setting Full Access | Can access and modify Channel menu | Default |
License Page Full Access | Can access License menu | Default |
Authentication Setting Full Access | Can access and modify Authentication menu | Default |
Workflow Lists Full Access | Can access All Requests menu | Default |
Approval Rule Setting Full Access | Can access and modify Approval menu | Default |
API Token Setting Full Access | Can access and modify API Token menu | Default |
Job Page Full Access | Can access Jobs menu | Default |
Integration Page Full Access | Can access and modify Integration menu | Default |
System Properties Full Access | Can access System Properties menu | Default |
Database Connection Management Full Access | Can access and modify Connection Management menu | DAC Only |
Database Access Control Full Access | Can access and modify DB Access Control menu | DAC Only |
Database Policy Management Full Access | Can access and modify Database Policies menu | DAC Only |
Proxy Management Full Access | Can access Proxy Management menu | DAC Only |
Database Ledger Policy Full Access | Can access and modify Ledger Management menu | DAC Only |
Masking Pattern Setting Full Access | Can access and modify Masking Pattern menu | DAC Only |
Server Connection Management Full Access | Can access and modify Server Management menu | SAC Only |
Server Access Control Full Access | Can access and modify Server Access Control menu | SAC Only |
General Audit Full Access | Can access General Audit menu and export logs and report | Default |
Database Audit Full Access | Can access Database Audit menu and export logs and report | DAC Only |
Server Audit Full Access | Can access Server Audit menu and export logs and report | SAC Only |
DB Access Request Approval Permission | Can access and modify Profile Editor setting | DAC Only |
SQL Request Approval Permission | Can approve SQL Request as an approver | DAC Only |
SQL Export Request Approval Permission | Can approve Data Export Request as an approver | DAC Only |
Server Access Request Approval Permission | Can approve Server Access Request as an approver | SAC Only |
Access Role Request Approval Permission | Can approve Access Role Request as an approver | SAC or KAC |
SCIM Provisioning and API Token Management Access | Can manage SCIM Provisioning status and API Token | Default |
Kubernetes Connection Management Full Access | Can access and modify Connection Management menu | KAC |
Kubernetes Access Control Full Access | Can access and modify Kubernetes Access Control menu | KAC |
Kubernetes Audit Full Access | Can access Kubernetes Audit menu and export logs and report | KAC |
Discovery Management Full Access | Can access and modify Discovery menu | DD |