Updating access page #6037
Updating access page #6037
Conversation
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
github-actions
bot
added
content
There was a problem hiding this comment.
@matthewshaver This reads GREAT! I absolutely love you running through the okta and Cloud configs with a persona (good ol' Euclid.) I feel like we should do this in other places where there's an admin and user personas and they both have steps to follow.
| @@ -8,142 +8,203 @@ pagination_prev: null | |||
|
|
|||
| :::info "User access" is not "Model access" | |||
|
|
|||
| **User groups and access** and **model groups and access** mean two different things. "Model groups and access" is a specific term used in the language of dbt-core. Refer to [Model access](/docs/collaborate/govern/model-access) for more info on what it means in dbt-core. | |||
| **User groups and access** and **model groups and access** are two different things. "Model groups and access" is a specific term used in the language of [model governance](/docs/collaborate/govern/about-model-governance). Refer to [Model access](/docs/collaborate/govern/model-access) for more information. | |||
There was a problem hiding this comment.
The note on the Model access page says a little more about the future of these two things. I wonder if we should have a reusable and use one note in both places?
There was a problem hiding this comment.
What if we change the perspective on both but keep similar information?
"You're on this page to do x which is not y'
"You're on this page to do y, which is not x"
There was a problem hiding this comment.
I love that @matthewshaver. Feels more appropriate
|
|
||
| ## Role-based access control | ||
| Delete users from this same window to free up licenses for new users. |
There was a problem hiding this comment.
I think a line after an image can easily get lost. It feels like it might be helpful to move this important line into the paragraph preceding the image.
| :::info dbt Cloud Enterprise | ||
| ### Groups | ||
|
|
||
| Groups in dbt Cloud serve much of the same purpose as they do in traditional directory tools — to gather individual users together to make bulk assignment of permissions easier. Admins use groups in dbt Cloud to assign [licenses](#licenses) and [permissions](#permissions). The permissions are more granular than licenses, and you only assign them at the group level; _ you can’t assign permissions at the user level._ Every user in dbt Cloud must be assigned to at least one group. |
There was a problem hiding this comment.
Something is not working with the italics here. Maybe need to remove the semicolon?
There was a problem hiding this comment.
Weird. I'll try a few things
|
|
||
| Role-based access control is a feature of the dbt Cloud Enterprise plan | ||
| If a user is assigned licenses and permissions from multiple groups, the group that grants the most access will take precedence. You must assign a permission set to any groups created beyond the three defaults, or users assigned will not have access to features beyond their user profile. |
There was a problem hiding this comment.
"You must assign a permission set to any groups created beyond the three defaults, or users assigned will not have access to features beyond their user profile."
This sentence might be more helpful in the paragraph above that begins with "Create new groups from the..."
If a user is assigned licenses and permissions from multiple groups, the group that grants the most access will take precedence.
What do you think about simplifying this a little? I had to read it a couple of times to get it. Maybe something like:
| If a user is assigned licenses and permissions from multiple groups, the group that grants the most access will take precedence. You must assign a permission set to any groups created beyond the three defaults, or users assigned will not have access to features beyond their user profile. | |
| When a user belongs to multiple groups, the group that grants the most access will take precedence. You must assign a permission set to any groups created beyond the three defaults, or users assigned will not have access to features beyond their user profile. |
There was a problem hiding this comment.
I think we should keep this specific because groups can be assigned with no permissions. It's about license and permission assignments. One piece of feedback was that customers were getting confused, so I think leaving in the specific language will help.
Maybe making it a callout would work better? This is an important part to stress
There was a problem hiding this comment.
Maybe making it a callout would work better? This is an important part to stress
That might work! See how it looks on the page. Your call either way!
Co-authored-by: Leona B. Campbell <[email protected]>
Co-authored-by: Leona B. Campbell <[email protected]>
Co-authored-by: Leona B. Campbell <[email protected]>
|
|
||
| Role-based access control is a feature of the dbt Cloud Enterprise plan | ||
| If a user is assigned licenses and permissions from multiple groups, the group that grants the most access will take precedence. You must assign a permission set to any groups created beyond the three defaults, or users assigned will not have access to features beyond their user profile. |
There was a problem hiding this comment.
Maybe making it a callout would work better? This is an important part to stress
That might work! See how it looks on the page. Your call either way!
github-actions
bot
added
size: large
What are you changing in this pull request and why?
Updating the user access page based on feedback.
See this internal page for more info
Checklist