Skip to main content
Version: I2023.3.0

Permissions on Cubes for Groups of Local Users

You can grant runtime permissions on published cubes to AtScale groups that consist of locally-authenticated users.

About this task

Runtime permissions allow users to query published cubes from client BI software and to create tables from SELECT statements on cubes. You can grant these permissions to groups of AtScale users who are managed by means of AtScale's embedded LDAP server. By granting these permissions to groups, you can grant them to multiple users at a time.

The runtime permissions allow users in the groups to query published versions of a cube and to create tables from SELECT statements on published versions of a cube. The tables are created in your data warehouse.

  • If you are using Google BigQuery, the tables are created directly in BigQuery.
  • If you are using a Hadoop cluster, the tables are created in the Hive metastore.
info

Use AtScale's local directory service for testing only. Do not use it in production environments. This directory service is not meant to support the types of workloads that are common to production environments. Before using AtScale in production, configure your AtScale organization to use an external directory service, such as Microsoft Active Directory, another LDAP service, or Google G Suite Directory.

Before you begin

Procedure

  1. Choose Projects from the main navigation. Then find and click on the name of the project.

  2. Click the cube name. Choose Security

  3. In the Cube Runtime Permissions dialog box, enable Restrict Access.

  4. Use the arrow controls to expand the permission controls for each AtScale group that you want to set runtime permissions for. Select or clear the applicable checkboxes.

    Runtime PermissionDescription
    QueryUsers can issue SELECT statements against the cube.
    Create Table as Select (CTAS)Users can issue SELECT statements against the cube and write the results back to the data warehouse as a new table.

  5. Click Save.