In addition to assigning predefined roles to users, you can also create and assign custom roles based on the needs of your organization.
You can create a custom role according to your business requirements by granting it the appropriate feature privileges from Administrator and permissions from Metadata Command Center. You can also edit or delete custom roles. For more information about creating custom roles in Informatica Intelligent Cloud ServicesAdministrator, see the User Administration help in Administrator.
Example of custom role - Data Auditor
For example, if you want to verify that the orders for data collections comply with the policies defined for your organization, you can create a custom role called Data Auditor that has only read permission on data collections, orders, consumer accesses and data assets but doesn't have permissions to modify or delete any data.
Key responsibilities
In a typical organization, a Data Auditor might have the following responsibilities:
•Verify that the data complies with the data policies of your country and of the countries of your customers.
•Verify that the data complies with your organization's internal data policies.
•Verify security and privacy of the data.
•Generate unbiased audit findings that allow management to make informed decisions.
•Verify the validity of the expense reports pertaining to data management.
Feature privileges in Administrator
After you define the user role in Administrator, you must assign it the appropriate feature privileges.
The following table lists the feature privileges that you can enable in Administrator for the Data Auditor role based on the key responsibilities :
Features
Status
Access Data Marketplace
Enabled
Approve or Reject Orders
Disabled
Cancel Your Orders And Data Collection Requests
Disabled
Complete or Reject Data Collection Requests
Disabled
Configure And Manage Data Marketplace
Disabled
Fulfill Or Reject Orders
Disabled
View Set up page
Enabled
Withdraw Consumer Accesses
Disabled
Asset permissions in Metadata Command Center
On the Access Control tab of Metadata Command Center, create a new access policy that grants the role Read permissions on all the options under the Marktetplace Asset section.