Static user roles create unnecessary bottlenecks. Teams end up with too much access or not enough, leading to security risks and workflow delays. Secoda's Custom Roles feature solves this by giving teams precisely the access they need - making data governance both secure and efficient.

Why custom roles matter: The business impact

Custom roles solve four major access management challenges that businesses face today.

1. Security and compliance 

Regulatory compliance shapes modern business operations, and custom roles provide the foundation for meeting these requirements. Detailed audit logs automatically track every permission change, generating the documentation needed for SOC 2, GDPR, and other industry-specific regulations. Compliance reports give auditors and stakeholders clear visibility into data access patterns, while helping organizations adhere to data protection standards.

2. Operational efficiency 

Operational efficiency improves through custom roles. Teams can create standardized roles for positions like Data Analyst, Finance Manager, or Data Steward. By setting permissions once at the workspace level, they automatically apply to new resources and sync directly with identity providers. Team leads can manage access for their own teams, reducing bottlenecks and administrative overhead.

3. Team autonomy 

Team autonomy becomes straightforward with custom roles. For example, data teams get full access to their entire data stack while sensitive data stays restricted. Analysts can explore their data catalog with controlled modification rights. Automated approval workflows handle access requests efficiently, balancing team independence with security requirements.

4. Access control 

Access control provides the foundation for effective resource management. Custom allow admins  define specific viewing, editing, and management permissions for features and resources in Secoda. For example, a role can allow managing monitors and automations, while providing limited access to the resources ingested from an integration such as Snowflake. 

Getting started

Ready to transform your data access management? Watch our step-by-step video guide on setting up custom roles:

Setting up Custom Roles

1. Navigate to Settings > Members and permissions
2. In the Roles tab, click "Create role"
3. Enter a role name and description
   
   • Choose a clear, descriptive name
   • Add details about the role's purpose in the description
4. Configure role permissions across these areas:
   
   • User management: Control access to Users, Roles, Groups and Teams
   • Resource management: Add filters and rules to control resource access
   • Features: Set access levels for platform features like monitors, DQS, and lineage
   • Settings: Control access to APIs, integrations, AI, billing and other Admin-related settings
5. Assign the role:
   
   • Go to the Members tab
   • Add users or groups to the new role
6. Configure time-based access restrictions if needed

Read the full product documentation here.

Use cases

Data engineering teams

Challenge: Need to manage multiple data pipelines without exposing sensitive data 

Solution: Configure custom role with:

• Full access to specific data integrations around data pipelines
• View-only access to documents and glossary terms
• No access to business specific integrations, such as Salesforce
• Permission to create and modify data monitors for pipelines

Analytics teams

Challenge: Require broad view access but limited editing capabilities to BI tools

Solution: Configure custom role with:

• Read access across all data sources
• Edit rights for specific dashboards and reports
• Permission to create new documents

External consultants

Challenge: Access with strict limitations 

Solution: Configure custom role with:

• Access to resources in the External team only
• No access to settings, features, or user management
• Access to audit logs

Finance department

Challenge: Need to maintain sensitive financial data access 

Solution: Configure custom role with:

• Full access to finance schema in Snowflake
• View only access to all other data
• Manage Finance team documents

Best practices for implementation

1. Start with an audit of your current access patterns
2. Create role templates for common positions
3. Implement a regular review process for role assignments
4. Document your role hierarchy and permission structure
5. Train team leads on role management
6. Set up monitoring for unusual access patterns

By implementing custom roles in Secoda, organizations can achieve the perfect balance between security and accessibility, ensuring teams have exactly the access they need to perform their best work while maintaining robust data governance standards.

‍