About Validio RBAC
Learn how role-based access works in Validio.
Validio Role-Based Access Control (RBAC) provides granular, permission-based management of users and resources. By organizing users into Teams and segmenting resources into Namespaces, you can ensure data independence and secure monitoring across your organization.
Resource Access Levels
Roles grant combinations of READ and WRITE capabilities to resources at the global and namespace levels.
Global resources are available workspace-wide (not tied to a specific namespace). By default, all users have READ access to:
- API keys
- Catalog assets
- Saved searches
- Identity providers
- Lineage
- Namespaces
- Roles
- Settings
- Tags
- Teams
- Users
Access to namespaced resources is restricted. Users can interact with these resources only if granted permission directly or through their team membership. The namespaced resources are:
- Channels
- Credentials
- Filters
- Incidents
- Namespace
- Notification rules
- Segmentations
- Sources
- Validators
- Windows
Users and Teams
Teams organize users into groups, which you can base on business units or areas of responsibility within your organization. Different teams can configure and manage their own resources separately from other teams. For example, individual teams can see their data quality without it being affected by incidents that are happening in other teams.
For more information, see Managing Users and Managing Teams.
Namespaces
Namespaces in Validio are used to organize and isolate resources into managed groups, allowing teams to access only the resources assigned to them. This separation ensures that each team can manage its resources independently, without interference from other teams, and helps control data visibility within the Validio platform.
For more information, see Managing Namespaces.
Roles and Permissions
You can assign roles (Admin, Editor, Viewer, and Custom) to users and teams at the global and namespace levels to control access to different resources in Validio. Custom roles allow you to follow the Principle of Least Privilege to ensure users have the minimum level of access necessary to complete their specific tasks.
Users can have multiple roles: the global role that they are assigned when their account is created, the global role they have via team membership, and their role assignment within a namespace, which can be direct or via team membership.
When there are conflicting permissions, the user's final access level depends on the permission scope and whether the user has a direct role assignment:
| Permission Scope | Direct User role exists? | Final role |
|---|---|---|
| Global | N/A | Merge all direct user and global team roles, and the highest permission for each resource applies. |
| Namespace | Yes | Direct user role applies, while the team role is ignored. |
| Namespace | No | Merge all team roles, and the highest permission for each resource applies. |
For more information, see Managing Roles.
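The resolution rules in the table above, worked through as an added example for access reviews (this is not Validio's code or API). It assumes each role is a map from resource to one access level ordered NONE < READ < WRITE; the function names and sample roles are hypothetical.

```python
from enum import IntEnum

class Access(IntEnum):
    # Assumed ordering for "highest permission": NONE < READ < WRITE.
    NONE = 0
    READ = 1
    WRITE = 2

def merge_roles(roles):
    """Merge roles, keeping the highest access level for each resource."""
    merged = {}
    for role in roles:
        for resource, level in role.items():
            merged[resource] = max(merged.get(resource, Access.NONE), level)
    return merged

def effective_global(direct_roles, team_roles):
    """Global scope: direct user roles and global team roles are all merged."""
    return merge_roles([*direct_roles, *team_roles])

def effective_namespace(direct_role, team_roles):
    """Namespace scope: a direct role applies alone; otherwise team roles merge."""
    if direct_role is not None:
        return dict(direct_role)  # team roles are ignored entirely
    return merge_roles(team_roles)

def direct_override_diff(direct_role, team_roles):
    """Resources where the effective access differs from what the teams
    alone would grant, as {resource: (effective, via_teams)}."""
    effective = effective_namespace(direct_role, team_roles)
    via_teams = merge_roles(team_roles)
    diff = {}
    for resource in sorted(set(effective) | set(via_teams)):
        eff = effective.get(resource, Access.NONE)
        team = via_teams.get(resource, Access.NONE)
        if eff != team:
            diff[resource] = (eff.name, team.name)
    return diff

# Constructed sample roles (resource -> access), not Validio's built-in roles.
VIEW_ALL = {"sources": Access.READ, "validators": Access.READ, "incidents": Access.READ}
EDIT_SOURCES = {"sources": Access.WRITE, "validators": Access.READ}
EDIT_VALIDATORS = {"validators": Access.WRITE, "incidents": Access.READ}

if __name__ == "__main__":
    # A direct read-only role overrides two team roles that would grant WRITE.
    print(direct_override_diff(VIEW_ALL, [EDIT_SOURCES, EDIT_VALIDATORS]))
```

Because a direct namespace role replaces the merged team roles rather than joining them, a direct assignment can lower a user's access as well as raise it, so reviews should check direct assignments separately from team membership.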