Verifying Successful Migration to Policy Based Database Permissions
Copy for LLM
Copy page as Markdown for LLMs
View as Markdown
Open this page as Markdown
Open in ChatGPT
Get insights from ChatGPT
Open in Claude
Get insights from Claude
Connect to Cursor
Install MCP server on Cursor
Connect to VS Code
Install MCP server on VS Code

With Policy-based Database permissions, you can assign the same policy to a group of users instead of setting up individual permissions for each user. Contact your Customer Success representative about enabling this feature.

After the Policy-based Database permission feature is enabled, database access at the user level is no longer available. You cannot revert to the previous database access (legacy).

If you recently migrated from Legacy Database Permissions to Policy-based Database Permissions, you may want to verify that you've migrated successfully by checking that you have the default permissions you were assigned in Legacy Database Permissions.

Confirming Database Permissions - Admin

You can verify users' permissions and can verify your ability to set up database permissions by checking policies.

Verify Your Own Database Permissions

After migration, you can verify your own permissions by checking the permissions assigned to you by default. You should see that you continue to have full permission for all databases.

By default, a brand new administrator begins with no access to user-defined databases. After you've been promoted to an Administrator role by another TD Administrator you can grant yourself "Full Access" permissions by creating a policy or adding yourself to an existing policy with "Full Access" permission.

Open TD Console.
Select Data Workbench. Confirm you can see all your databases and you continue to be the administrator for the list of databases.

Verify Database Permissions of Other Users - Admin

You can verify the legacy permissions of users who have migrated by checking their default policies.

Open TD Console.
From the Control Panel, select User.

Select a user.
From the right-hand panel, select Resources to view the databases. You may see variations depending on the previous permissions of the user.

Confirm the user has two additional default database permissions: Download Databases and Manage Own Databases, and that the user continues to have access to databases they had access to prior to the migration.

For example, a restricted user who had the following access permissions in the legacy system including Import Only access to DB "admins_db_b" database, Query Only access to "admins_db_c" database, "sample_datasets" database, "information_schema" database, and Full Access for "admins_db_a" database and "user1_db_a" database, will have the following permissions upon enabling Database Policy-based Permissions.

Verifying Default Policies of Other Users - Admin

As an admin, you can verify default policies to ensure the specified user has the same access they had prior to migration.

Open TD Console.
From the Control Panel, select Users.

Select Policies.
Confirm the user continues to have the same policies they had access to prior to the migration plus additional policies that describe the user's database permissions.

For each user, the following three policies will automatically be created after migration, depending on the legacy permissions they have. Learn more by reviewing the Policy-based Database Permissions Matrix.

Legacy: Full Access

Policy created: Database edit for {user_id}
What it means: The user retains general (full) access to the database. If user A has user ID 1234, the policy name becomes Database edit for 1234.

Legacy: Query Only

Policy created: Database query for {user_id}
What it means: The user keeps query-only access to the database.

Legacy: Import Only

Policy created: Database import for {user_id}
What it means: The user retains import-only access to the database.

Verify Database Permissions of New Users - Admin

Open TD Console.
From the Control Panel, select User. As an admin, you can verify default policies.

3. Search for a new user. 4. From the right-hand panel, select Resources to view the databases. You may see variations depending on the previous permissions of the user. 5. Confirm the user has access to two default query-only databases sample_datasets , information_schema.

Confirming Database Permissions - Restricted User

As a restricted user, you can verify the database permissions you have following migration.

Open TD Console.
Select Data Workbench.
Select My Settings > Resources.

Hover over the question mark beside Permission to view your permissions. You can see the explanation of what each permission allows you to do. For example, Manage Own allows you to create, edit, and delete databases you created.

Confirming Database Permissions - Newly Created User

By default, new users would not have any policies attached to their profiles. Each user has access to default databases, which can only be queried.

Open TD Console.
Select Data Workbench.

Select Databases.
Confirm you have limited viewing capabilities and query-only access to sample datasets set up by your organization and that each user has access to two default query-only databasessample_datasets , infomation_schema.