List of Privileges
This page provides a complete list of privileges in TigerGraph’s Role-based Access Control system.
-
Any privilege marked “on global only” can only be granted to a global role. It cannot be granted to a local role (See Global role vs local role).
-
The command
IMPORT GRAPH <gName>
needs multiple privileges, .e.gWRITE_SCHEMA
,WRITE_LOADING_JOB
,WRITE_QUERY
and so on. -
To run the command
CREATE SECRET
on a graph, the user must have at least one of the access database privileges:READ_DATA
,WRITE_DATA
andEXECUTE_LOADINGJOB
on that graph. Thus the built-inqueryreader
role and above can create secrets on a graph, but the observer role cannot.
Table of Privileges
Privilege Name | Commands Associated | Global Only |
---|---|---|
|
|
No |
|
|
No |
|
|
No |
|
|
No |
|
|
No |
|
|
No |
|
|
No |
|
|
No |
|
|
No |
|
|
No |
|
|
No |
|
|
No |
|
|
No |
|
|
Yes |
|
|
No |
|
|
Yes |
|
|
Yes |
|
|
Yes |
|
|
Yes |
|
|
Yes |
|
|
Yes |
|
|
No |
|
|
Yes |