This section describes why CARTO recommends a certain set of permissions when creating connections, and how you can configure your connections' permissions to match the desired functionalities.
Since connections can be created with different providers (Google BigQuery, Snowflake, Redshift, Databricks, and PostgreSQL) we will adapt the different terminology for each data warehouse when possible, but generic terminology will also be used.
- Allow CARTO to create datasets/schemas in projects/databases used for analysis
- Allow CARTO to update, delete, list, and read data in projects/databases used for analysis
- Allow CARTO to list and read data in sensitive projects/databases where the goal is exclusively to visualize geospatial data.
This permission is required by one of the main CARTO tools: CARTO Workflows.
Workflows are powered by temporary tables and in order to minimize the noise created by CARTO, we create a dataset/schema exclusively for Workflows. You can customize the name of the dataset for temporary tables when creating a connection.
Our philosophy is to couple tightly with your data warehouse to remove maintenance and facilitate advanced geospatial analysis for your users, so potential upcoming features could also require this.
❌ Workflows (and potential upcoming features) won't work automatically without this permission.
🚧 You could make Workflows work by previously creating and configuring a custom
workflows_tempin your connection.
✅ All other functionalities will work without this permission.
This permission is required by a lot of analytical functionalities that modify or overwrite existing tables. For example, geocoding a table or optimizing a table.
Additionally, users won't be able to store the output of Workflows and Builder analysis in an existing location.
❌ Geocoding, most table optimizations, and potential upcoming features won't work.
🚧 Enrichment and Tilesets will be restricted to creating new tables, other functionalities might also fail.
✅ Visualization and basic analytical features will work without this permission.
This permission is required by most analytical functionalities in CARTO. For example, storing the output of an analysis in Builder or Workflows won't be possible at all. Creating tilesets, enrichments, geocoded tables, and isolines won't be available either.
This permission is also mandatory to import geospatial data from the user's computer.
Workflows won't work since it's powered by creating temporary tables.
A connection without this permission can be considered view-only, and only a very specific subset of features will work.
❌ Workflows, Tilesets, Enrichments, Geocoding, Imports, and optimizations won't work. The result of analysis and visualizations won't be ever stored back in the Data Warehouse. Basic UI functionalities such as "delete table" will fail. Most upcoming features won't be compatible with your connection.
🚧 The experience for editors might not be ideal, as most functionalities will fail.
✅ Read-only maps and apps can still be built and shared.
In most data warehouses, permissions can be assigned granularly to different entities. A general recommendation, following the Principle of Least Privilege, is that you assign permissions based on the jobs to be achieved.
Example 1: You can apply the recommended setup in one project/database where CARTO analysis will be performed, and apply a restricted set of permissions in the other projects/databases.
Example 2: Because connections can be shared with specific groups of users, if you have a team of data scientists and a team of developers (working on an application) and you want both to use CARTO, we recommend using the following setup:
- A connection with the recommended setup for the Data Science team.
- A connection with the recommended setup in the DEV project/database, but with restricted access to the PROD project/database for the Development team