Entitlements - BETA
This page describes how you can use entitlements in Insights Enterprise.
Beta - For evaluation and trial use only
Entitlements is currently in beta.
- Refer here to the standard terms related to beta features
- We invite you to use this beta feature and to provide feedback using the Ideas portal
- During deployment, the entitlements feature is disabled by default, meaning no restrictions are applied and you can manage all databases, pipelines, and views as well as query all data in a kdb Insights Enterprise deployment
- When you enable the feature, you do not have access to query data in a database unless you have been given a data entitlement to query the database in question
Entitlements overview
Entitlements manage a group of users’ access to specific entities in the system. When entitlements are enabled, a user can access the specific functionality provided by their Roles, but not across the entire system. Functionality is only available to users on the specific packages or data they are entitled to access.
For example, you may have a scenario where you want to allow an end user to query data in the database, but you don't want them to see all the business logic for data transformation or analytics.
Another use case could be where a pipeline builder needs the capability to edit and deploy an SP pipeline, but should not have the ability to query the data that gets ingested.
Entitlements help you achieve this. When using the entitlements feature, we recommend enabling Encryption in transit for extra security.
Types of entitlements
There are three types of entitlements you can use to control user permissions in kdb Insights Enterprise:
- Data entitlements - control who is entitled to query data within a deployed database.
- Row level data entitlements - control who is entitled to query specific rows within a table, based on a policy.
- Package entitlements - control the permissions each user has to interact with packages that contain databases, pipelines and views. Each package has its own entitlements.
Policies
Policies provide more granular data access management for users. Policies can be applied to each table in a database to manage data entitlements at a row level. Find out more on how these are configured in row level data entitlements.
Next steps
You can configure entitlements using the following guides:
- Prerequisites - conditions you must meet to be able to use entitlements
- Configuration - detailed information on how to use and configure entitlements features
- Data entitlements quickstart - a step-by-step guide to configuring data entitlements
- Row level data entitlements - a step-by-step guide to configuring row level data entitlements