When getting started with Sigma Computing, one of the first and most important things to consider is how to make sure your data is secure.
In order to fully take advantage of the many data exploration and visualization techniques it offers, you want to ensure the right people are able to access what they need, but not create security vulnerabilities by allowing too much access.
While Sigma offers a variety of options to implement your security plan, such as Row-Level security for datasets and workbooks and different account types, in this article we will be breaking down what data permissions are and how you can utilize them throughout your Sigma projects.
What are Data Permissions in Sigma?
Data Permissions are one of the most important features of Sigma for keeping your data secure, as they allow you to determine who is able to access each of the connections, schemas, and tables in your organization, and what they are able to do with each of these.
Organizational admins are the only users who have the ability to assign and revoke permissions at each level in the connection hierarchy, meaning you can grant full access to a connection, or pick and choose which tables and schemas you want to grant access to.
By default, all organizational admins will have access to new connections added, but all other users will have to be given access in order to work with the data.
Sigma Data Hierarchy Inherited Permissions
Data permissions in Sigma are additive, meaning that any permissions given at higher levels in the hierarchy will result in access to the individual elements of that higher object.
To illustrate, below is a sample connection hierarchy within Sigma. If a user is given access to “Connection 1”, that means they will subsequently have access to both Schema 1 and 2, and Tables 1,2, and 3.
Similarly, if access is given to “Schema 1”, then the user will have access to Table 1 and Table 2, but will have no access to the connection itself, Schema 2, or Table 3.
One important thing to note is that you can not revoke permissions that are inherited. If you have three tables in a schema and only need access to two of those tables, you must grant the access at the table level as you cannot give access at the schema level and then remove permission for one of the tables.
Sigma Levels of Permission
Sigma currently has two different levels of permissions to grant your users, Can Use and Can Use & Annotate.
Note: all annotations are local to Sigma and will not be reflected back to your warehouse.
Sigma also offers the option of applying these permissions to teams as well as individuals. By creating Sigma teams and giving data permissions to each team, you can quickly and easily provision access for large numbers of users at once by adding them to the appropriate teams.
How to Grant Permissions on a Table
Granting permissions on a table in Sigma to a user or team is done through a few simple steps.
Step 1: Open the desired table in the left hand navigation panel.
Step 2: Click on the “Permissions” tab in the top and then “Add Permission” on the right hand side.
Step 3: Search for the team(s) or individual member(s) you want to add the permissions for.
Step 4: Select either “Can Use” or “Can Use & Annotate” for the permission to grant, and optionally add a message and send an email notification to those receiving the permission.
Step 5: Click “Save”.
Sigma Computing offers a variety of features to ensure you keep your data secure and only accessed by those who should see it, starting with data permissions. Using individuals and teams, you can easily customize your access to give the right level of access to those who need it.
With your security plan in place, you can fully leverage the power of Sigma Computing to gain valuable insights from your data while having peace of mind that it is safe and secure.
Want to learn more about what Sigma can do for you? Reach out to our team of experts!