TerraTrue’s Identity and Access Management is intended to be simple to administer yet flexible where it matters most. TerraTrue provides sensible defaults so that you won’t need to provide additional access for the majority of your users. This article describes how IAM works on TerraTrue and how to assign access rights to individual users and groups.
How IAM Works
With IAM, you manage access control by defining who (identity) has what access (permission) to resources on TerraTrue. For example, you may grant user ‘Bob’ the permission of Administrator so that Bob can configure TerraTrue for your organization and provision new users.
TerraTrue provides three ways for you to specify who should be granted a certain permission:
- An individual user. When you initially provision a user on TerraTrue or at any time afterwards, you are able to grant (or revoke) a permission for that specific user. In our example above, you granted the Administrator role to the user ‘Bob’.
- An approval role. When you initially create an approval role on TerraTrue or at any time afterwards, you are able to grant (or revoke) a permission for that specific approval role. For instance, you may grant the ‘Privacy’ approval role the permission to edit Privacy Worksheets. Any individual member of the ‘Privacy’ approval role will then be able to edit Privacy Worksheets for as long as they remain members of that approval role.
- Everyone. This is a special identifier that represents all the users in your organization. Permissions that you provide to Everyone will be granted to all your users.
TerraTrue recognizes the below permissions. For more information on what these permissions exactly entail, please see the last section of this document.
- Administrator: Used for managing the organization settings on TerraTrue, including provisioning users, managing access, managing approval roles and much more. This permission is particularly powerful so please consider carefully whom you grant it to. For a more comprehensive list of what is included in that permission, refer to the Administrator permission reference section.
- Custom Questionnaire Manager: Used for managing custom questionnaires. This permission includes creating, editing and deleting custom questionnaires, as well as changing visibility and other related configuration rules for custom questionnaires.
- Launch Manager: A user with this permission is able to delete a launch and its accompanying data as well as reset approvals for a launch (invalidating prior approvals to indicate that a launch warrants a re-review due to a scope change or other reasons). Such a user is then also able to manage labels and components as well as import launches, all from the corresponding organization settings.
- Data Spec Viewer: Lets users view but not modify existing Data Specs. This permission is given by default to Everyone.
- Data Spec Editor: Lets users not only view existing Data Specs but also create, modify, and delete Data Specs. It is not necessary to also grant the Data Spec Viewer permission as it is implicitly given. This permission is given by default to Everyone.
- Privacy Worksheet Viewer: Lets users view but not modify existing Privacy Worksheets. Because a Privacy Worksheet contains data from the Data Spec, this permission also allows users to view Data Specs. It is not necessary to also grant the Data Spec Viewer permission as it is implicitly given. This permission is given by default to Everyone.
- Privacy Worksheet Editor: Lets users view existing Privacy Worksheets as well as create, modify and delete Privacy Worksheets. It is not necessary to also grant the Privacy Worksheet Viewer permission as it is implicitly given. This permission is given by default to Everyone.
- Observer: This is currently the only permission that restricts what a user can do as opposed to granting them additional abilities. The Observer permission is intended to be given to users who may want to observe your program on TerraTrue but otherwise not make changes to it. For example, you may want to grant the Observer permission to your compliance team or to an external legal counsel. While you may add additional permissions to a user who has the Observer permission, those added permissions may not fully take effect for those users; the Observer user is prevented from making sensitive modifications such as creating Data Specs, managing organization settings or deleting launches.
Here is a more detailed list of all the abilities provided by TerraTrue automatically. These are grouped by functionality. Please note that an asterisk (*) next to a line indicates that this ability is not available to users with the Observer permission.
- View and search the LaunchPad
- Add, modify and remove a Saved Search
- View any launch summary including comments and revision history
- Edit launch title, description, and due date*
- Add a launch comment and delete your own launch comment*
- Assign approval for a given approval role*
- View and search Privacy Central
- View users and their permissions*
- View approval roles and their memberships*
- View label groups and their values
- View Data Use, Data Type, and Third Party taxonomies
- Add Data Use, Data Type, and Third Party custom taxonomies*
- View and search all support cases and feature requests
- Create a new support case and feature request
- Edit title, description, status, or priority of a support case
- Edit title and description of a feature request
- Add comment to a support case
- Delete any comment from a support case
A user with the Administrator permission can perform any action supported on TerraTrue. Here is the list of the unique abilities that come with this powerful permission, grouped by functionality. These are in addition to the built-in permission as well as all other supported permissions.
- Delete any comment on a launch, even when not authored by that user.
- View organization history
- Add (or delete) a user
- Change a user’s display name
- Configure IAM – add and remove permissions to users and approval roles
- Add a user to (and remove from) an approval role
- Add, edit, and remove approval roles