Skip to main content

Roles

There are currently four tiers of role within the data platform project, and they are as follows:

Super Administrators

Relates to: saml-aws-data-platform-super-admins

Super administrators have full permissions to all accounts and are normally project heads and key people.

AccountHas AccessRole
DevelopmentYesAWSAdministratorAccess
Pre-ProductionYesAWSAdministratorAccess
ProductionYesAWSAdministratorAccess

Administrator

Relates to: saml-aws-data-platform-admins

Administrators are granted broad permissions across all the Data Platform accounts including access to the Development account where infrastructure changes are tested by the development team. Admins are normally the heads of the Data Platform project and the engineering team responsible for its maintenance.

AccountHas AccessRole
DevelopmentYesAWSAdministratorAccess
Pre-ProductionYesAWSPowerUserAccess
ProductionYesAWSPowerUserAccess

Power User

Relates to: saml-aws-data-platform-power-user

Power Users have a greater control over the Pre-Production account but are still restricted from Development and Production

AccountHas AccessRole
DevelopmentNoN/A
Pre-ProductionYesAWSPowerUserAccess
ProductionNoN/A

Collaborator

Relates to: saml-aws-data-platform-collaborator-*

Collaborators have limited access to both Pre-Production and Production allowing them to develop there ETL process and view the working jobs in Production.

AccountHas AccessRole
DevelopmentNoN/A
Pre-ProductionYesCustom
ProductionYesCustom