Role-based access control is a flexible approach to restricting data source access to authorized users. Within the application, the two major tools for implementing data source access control are roles and permissions.
A role is a many-to-many mapping between users and data sources. Users are assigned to roles, and roles are granted access to data sources. This enables an administrator to make data sources accessible to a logical group of users.
A permission is a one-to-one mapping between a user and a data source, along with a specified duration. After this duration period has expired, the permission is automatically revoked, i.e., the user will no longer have access to the data source via the permission.
These elements can only be configured by administrators in the management overview for the account.