Configure Access to OCF BI Folders and Reports¶
Alation Cloud Service Applies to Alation Cloud Service instances of Alation
Customer Managed Applies to customer-managed instances of Alation
Applies from release 2024.1.4
A BI folder or report can be visible to all users or only to specific users and groups designated by a BI Server Admin. By default, a BI folder or report is visible to all users, or public. You can manage the visibility on the Settings page:
Enable Privacy Settings¶
The privacy feature is disabled by default and can be activated by a Server Admin with Alation shell access using the alation_conf command and the parameter alation.granular_object_privacy.enabled
.
Note
Alation Cloud Service customers can request server configuration changes through Alation Support.
Default: False
(feature disabled).
Set to True
to enable.
When the alation.granular_object_privacy.enabled
parameter is set to True
, the Settings page is available for every BI Folder or Report in the Catalog.
Follow these steps:
SSH to the Alation server.
Enter the Alation shell:
sudo /etc/init.d/alation shell
View the current value:
alation_conf alation.granular_object_privacy.enabled
Set a value:
alation_conf alation.granular_object_privacy.enabled -s True
Restart the instance:
alation_supervisor restart web:*
BI Folder and Report Privacy¶
Users can access a BI folder or report as BI Server Admins or Viewers:
BI Server Admins—The BI Server Admin access allows editing the settings page.
Viewers—The Viewer access allows viewing the BI folder or report and its child in the catalog, including finding them with Alation Search.
For a private BI folder or report , you can add specific users or groups as Viewers or BI Server Admins.
Note
You cannot create a new BI Server Admin at this level, instead they are inherited from the parent.
For a public BI folder or report, all catalog users are Viewers by default.
Manage Access¶
You can also manage access from users and groups.
Grant Access¶
To grant access to or from users and groups:
Open the BI folder or report settings.
Under the User Access section, click the +Add button. A quick search list will open.
Start typing the name of a user or group in the search field. Search will provide dynamic prompts that you can select from. Select the user or group you want.
The user or group you selected will be added. Initially, all newly added users or groups are Viewers.
Revoke Access¶
To revoke BI folder or report access from a user or group:
Find the user or group you want. You can sort the Name column or use the filter on the top right of the table to find the user or group.
For this user or group, click Remove in the rightmost column of the table. The user will be removed from the table.
Note
You cannot remove the BI Server Admin access from the last remaining BI Server Admin.