Overview
TerraTrue’s Identity and Access Management (IAM) is simple to administer yet flexible where it matters most. Our out-of-the-box defaults are sensible, meaning you won't need to provide additional access for the majority of your users. If you do need to make changes, this guide walks you through how IAM works on TerraTrue and how to assign access rights to individual users and groups.
How IAM Works
With IAM, you manage access control by defining who (identity) has what access (permission) to specified resources on TerraTrue. For example, you may grant user ‘Bob’ the permission of Admin so that Bob can configure TerraTrue for your organization and provision new users.
Identity
TerraTrue provides three ways for you to specify who should be granted a certain permission:
- An individual user. When you initially provision a user on TerraTrue or at any time afterwards, you are able to grant (or revoke) a permission for that specific user. In our example above, you granted the Admin role to the user ‘Bob’.
- An approval role. When you initially create an approval role on TerraTrue or at any time afterwards, you are able to grant (or revoke) a permission for that specific approval role. For instance, you may grant the ‘Privacy’ approval role the permission to edit Privacy Worksheets. Any individual member of the ‘Privacy’ approval role will then be able to edit Privacy Worksheets for as long as they remain members of that approval role.
- Everyone. This is a special identifier that represents all the users in your organization. Permissions that you provide to Everyone will be granted to all your users.
Permissions
TerraTrue recognizes the permissions below. For more detail on exactly what these permissions entail, please see the last section of this document.
- Admin: Used for managing the organization settings on TerraTrue, including provisioning users, managing access, managing approval roles and much more. This permission is particularly powerful so please consider carefully whom you grant it to. For a more comprehensive list of what is included in that permission, refer to the Admin permission reference section.
- Data Spec Viewer: Lets users view but not modify existing Data Specs. This permission is given by default to Everyone.
- Data Spec Editor: Lets users not only view existing Data Specs but also create, modify, and delete Data Specs. It is not necessary to also grant the Data Spec Viewer permission as it is implicitly given. This permission is given by default to Everyone.
- Launch Manager: A user with this permission is able to delete a launch and its accompanying data as well as reset approvals for a launch (invalidating prior approvals to indicate that a launch warrants a re-review due to a scope change or other reasons). Such a user is then also able to manage labels and components as well as import launches, all from the corresponding organization settings.
- Observer: This is currently the only permission that restricts what a user can do as opposed to granting them additional abilities. The Observer permission is intended to be given to users who may want to observe your program on TerraTrue but otherwise not make changes to it. For example, you may want to grant the Observer permission to your compliance team or to an external legal counsel. While you may add additional permissions to a user who has the Observer permission, those added permissions may not fully take effect for those users; the Observer user is prevented from making sensitive modifications such as creating Data Specs, managing organization settings or deleting launches.
- Outbound Webhook Manager: Allows users to view or modify the outbound webhooks for an organization, both as TerraTrue users and as external API users.
- Privacy Manager: Used for managing the Privacy and Customization organization settings on TerraTrue, including the Privacy Policy Permissions, the Privacy Profile, and the Privacy Policy Generator, among other privacy settings.
- Privacy Worksheet Editor: Lets users view existing Privacy Worksheets as well as create, modify and delete Privacy Worksheets. It is not necessary to also grant the Privacy Worksheet Viewer permission as it is implicitly given. This permission is given by default to Everyone.
- Privacy Worksheet Viewer: Lets users view but not modify existing Privacy Worksheets. Because a Privacy Worksheet contains data from the Data Spec, this permission also allows users to view Data Specs. It is not necessary to also grant the Data Spec Viewer permission as it is implicitly given. This permission is given by default to Everyone.
- Third Party Assessment Viewer: Allows users to view third party assessments and invitations, link third party assessments to launches, and view internal surveys and their responses. Other access rules may still apply to individual third party assessments and internal surveys, so granting a user this permission will not necessarily grant them access to all of your org's third party assessments and internal surveys.
- Workflow Manager: Used for managing custom workflows. This permission includes creating, editing and deleting custom workflows, as well as changing visibility and other related configuration rules for custom workflows.
- Data Catalog Viewer: Allows users to view and search existing datasets but not modify the description or the classification of the Data Types.
- Data Catalog Editor: Allows users to view, search and also update existing datasets including the Data Types of a column and the description of a dataset.
- Data Catalog Admin: Allows users to view, create, and edit ingestions and secrets in addition to all that a Data Catalog Editor can do.
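The rules above (grants to a user, to an approval role, or to Everyone, plus the "implicitly given" permissions) can be modeled for an access review. This is an added example, not TerraTrue code or its API; the users, role membership, grants and function names are constructed for illustration.

```python
EVERYONE = "Everyone"
# "Implicitly given" relationships stated in the permission list above.
IMPLIES = {
    "Data Spec Editor": {"Data Spec Viewer"},
    "Privacy Worksheet Editor": {"Privacy Worksheet Viewer"},
    "Privacy Worksheet Viewer": {"Data Spec Viewer"},
}
# Constructed sample grants; the Everyone entry mirrors the documented defaults.
GRANTS = {
    EVERYONE: {"Data Spec Viewer", "Data Spec Editor",
               "Privacy Worksheet Viewer", "Privacy Worksheet Editor"},
    "Bob": {"Admin"},
    "Carol": {"Observer"},
    "Dave": {"Observer", "Launch Manager"},
    "Privacy": {"Privacy Manager"},  # an approval role, not a user
}
ROLE_MEMBERS = {"Privacy": {"Alice"}}  # constructed approval-role membership
USERS = ["Alice", "Bob", "Carol", "Dave"]

def expand(perms):
    """Close a permission set over the implicit grants."""
    result, stack = set(perms), list(perms)
    while stack:
        for implied in IMPLIES.get(stack.pop(), ()):
            if implied not in result:
                result.add(implied)
                stack.append(implied)
    return result

def effective(user, grants, role_members, include_everyone=True):
    """Union of grants to the user, their approval roles and (optionally) Everyone."""
    identities = {user} | {r for r, m in role_members.items() if user in m}
    if include_everyone:
        identities.add(EVERYONE)
    perms = set()
    for identity in identities:
        perms |= grants.get(identity, set())
    return expand(perms)

def review(users, grants, role_members):
    """Flag Admin holders and Observers who were explicitly given more."""
    findings = {}
    for user in users:
        notes = []
        if "Admin" in effective(user, grants, role_members):
            notes.append("holds Admin")
        explicit = effective(user, grants, role_members, include_everyone=False)
        if "Observer" in explicit and explicit - {"Observer"}:
            notes.append("Observer with extra grants that may not fully take effect")
        if notes:
            findings[user] = notes
    return findings
```
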
Reference
Built-in permission
Here is a more detailed list of all the abilities provided by TerraTrue automatically. These are grouped by functionality. Please note that an asterisk (*) next to a line indicates that this ability is not available to users with the Observer permission.
LaunchPad
- View and search the LaunchPad
- Add, modify and remove a Saved Search
Launch Summary
- View any launch summary including comments and revision history
- Edit launch title, description, and due date*
- Add a launch comment and delete your own launch comment*
- Assign approval for a given approval role*
Privacy Central
- View and search Privacy Central
Organization Settings
- View users and their permissions*
- View approval roles and their memberships*
- View label groups and their values
Taxonomies
- View Data Use, Data Type, and Third Party taxonomies
- Add Data Use, Data Type, and Third Party custom taxonomies*
Support Portal
- View and search all support cases and feature requests
- Create a new support case and feature request
- Edit title, description, status, or priority of a support case
- Edit title and description of a feature request
- Add comment to a support case
- Delete any comment from a support case
Admin permission
A user with the Admin permission can manage user roles and make changes to the org settings within TerraTrue. Here is the list of the unique abilities that come with this powerful permission, grouped by functionality. These are in addition to the built-in permission as well as all other supported permissions.
Launch Summary
- Delete any comment on a launch, even when not authored by that user.
Organization Settings
- View organization history
- Add (or delete) a user
- Change a user's display name
- Configure IAM - add and remove permissions to users and approval roles
- Add a user to (and remove from) an approval role
- Add, edit, and remove approval roles
Review Team's Assignee and Status
Throughout the review process, users will want to update the status of the review to indicate their progress and notify other users. There are some considerations in terms of which users can modify the status of a review. The following table describes the permissions required to update a review team status.
Pre-requisite: the user has access to the launch being interacted with.
Actor | Assign / Re-assign / Un-assign | Update Review Team Status
---|---|---
Observer only | Cannot alter in any way. | Cannot alter in any way.
User on the review team | Yes, can choose anyone in the review team to assign to. | Yes, can update the status if they are on this review team.
Any user who is more privileged than Observer but not on the review team | Yes, can choose anyone in the review team to assign to. | Cannot alter in any way.
Launch Manager | Yes, can choose anyone in the review team to assign to. Can also assign to self. | Yes, can update the status even if they are not on this review team.
Launch Creator | No extra privileges. If not a Launch Manager, can choose anyone in the review team to assign to. | Cannot alter in any way if not in the review team.
Admin | No extra privileges. If not a Launch Manager, can choose anyone in the review team to assign to. | Cannot alter in any way if not in the review team.