Skip to main content
info
This documentation is for version v2.6 of the product.
For the latest version(v2.7) documentation click here
Version: v2.6 print this page

Roles

Role-Based Access Control (RBAC) in Amorphic is a feature that helps system administrators manage user access to sensitive information and reduce the risk of data breaches. This feature allows administrators to control which users have access to which services within the application, making it more efficient to authorize users and align with user management compliance. Amorphic RBAC is designed to be adaptable and support any new services that are added to the application, making it more versatile and useful.

Amorphic RBAC provides the following capabilities:

  • User can have multiple roles attached and has the ability to switch between them to perform various actions based on his/her responsibilities.
  • Customize user role permissions to a granular level.
  • Flexibility to choose the type of Amorphic view upon login.

Roles

What is a Role?

In Amorphic, a role determines the level of access a user has in the Amorphic application.

RBAC improves data security by limiting users’ access to sensitive information and helps with compliance. Additionally, it allows users to switch between different roles to perform different tasks.

Role has the following properties:

  • A Role can have multiple users attached to it.
  • A Role can have many permissions.
  • A Role can have multiple role managers who can perform update and delete operations on the role

In Amorphic, we have two types of Roles:

  • System Roles : Which are provided by the application by default.
  • Custom Roles : Created by users.

System Roles

Amorphic has two main roles: "Administrator" and "Regular User." Administrators have full access to all features and can perform all actions in Amorphic. While, regular users have basic access and can only perform certain actions. Additionally, every user has a "default role" which determines what they see when they first log in.

  • System Administrators Role This role consists full permissions for every service offered in Amorphic and can perform all the activities without any restrictions.

  • System Default Users Role System default Users Role is a basic application access role which is provided to every user.

info

This is not to be confused with user's default role. User's default role determines what all services that he/she sees when logged in.

Custom Roles

You can create a custom role for a user by selecting permissions from a list of specific access permissions for each service. To create a role see, how to create a Custom Roles

For Example, A user can create custom Data scientist role and provide access to only ML notebooks.

Amorphic RBAC Role contains the following information:

Role Metadata Information

TypeDescription
Role NameThe unique name identifying the role's functionality.
Role DescriptionA brief explanation of the role's purpose.
PermissionsSpecific actions defined for a particular service. Permissions determine the level of access within Amorphic. Permissions can be assigned to multiple roles and vice versa.
Role ManagersThe list of users who can update or delete the role
UsersAttachedThe list of users to whom the role is attached.
CreatedByThe user who created the role.
LastModifiedByThe user who last updated the role.
LastModifiedTimeThe timestamp of the last time the role was updated.

Role Operations

Along with Amorphic RBAC, you can perform basic CRUD operations (shown in the below table) on a role if you have sufficient permission.

Create role

FunctionalityDescription
Create RoleCreate a custom role by choosing from a list of permissions and attach to a User.
View RoleView existing Role Metadata Information
Update RoleUpdate an existing role.
Delete RoleDelete an existing role.
Switch RoleThis functionality helps user to switch between multiple roles attached.
Update User Default-RoleHelps user to customize the landing page view. Example: if User frequently uses Machine learning services, one can pick say a "Data scientist Role" as default login view for quicker access.
Note
  • From v2.6, only a role's managers can update the role or delete it. The user who creates a role automatically becomes a role manager. Users can list or view a role only if they are a role manager or if they are attached to the role. Even if a user's role has the roles.update and roles.delete permissions, they will not be able to update/delete a particular role unless they are a role manager for that role.
  • For roles existing before v2.6, all users having the system administrator role will become role managers.

Create Role

Create roles

To create a new role in Amorphic, follow these steps:

  1. Go to the Management menu and select Roles.
  2. Click on the New Role button.
  3. Fill in the information required, such as role permissions and user names who will be attached to the role.
  4. Drag and Rearrange the order of your resources to be accessible in the sidenav.(User Persona)
  5. Click on Create to create the new role.

User Persona

User Persona

This section lets a user customize their sidenav to display only the resources that will be used by the user using the corresponding role that is being created/updated.

  • User can drag and drop and rearrange the resources according to the user's preferences.
  • User can toggle on/off submenus or individual resources to be shown in the sidenav.
  • Resources will be displayed only if the user have their respective permissions.
  • User can reset the order of the resources by using the Reset to default menu button.
Note

There are no permissions specifically for Bulk Management. Currently we only manage datasets so the bulk management page is only available for users with the datasets.update permission

Switch Role

Switch Role functionality is enabled for users with more than one Role attached to them.

How to switch roles in Amorphic:

  1. Click on the User Profile icon
  2. Select Switch Role from the dropdown menu.
  3. Pick a role from the list to switch to.

RBAC Switch role

How to update user default-role?

Schedule details

The Update Default Role feature allows users who have more than one role to choose which role they want as their main role.

  1. Click on the User Profile icon located on the top right corner of the page.
  2. Select the Profile & Settings option from the drop-down menu.
  3. You will be taken to the User Profile page, where you will find the Default Role field.
  4. Click on the Change button beside the Default Role field.
  5. A drop-down list of roles that the user is attached to will appear.
  6. Select one of the roles from the list to switch to it as the default role.