Required permissions
This section describes why CARTO recommends a certain set of permissions when creating connections, and how you can configure your connections' permissions to match the desired functionalities.
Since connections can be created with different providers (Google BigQuery, Snowflake, Amazon Redshift, Databricks, and PostgreSQL) we will adapt the different terminology for each data warehouse when possible, but generic terminology will also be used.
Recommended setup
Allow CARTO to create datasets/schemas in projects/databases used for analysis
Allow CARTO to update, delete, list, and read data in projects/databases used for analysis
Allow CARTO to list and read data in sensitive projects/databases where the goal is exclusively to visualize geospatial data.
Why are certain permissions required?
Other possible setups
In most data warehouses, permissions can be assigned granularly to different entities. A general recommendation, following the Principle of Least Privilege, is that you assign permissions based on the jobs to be achieved.
Last updated
Was this helpful?