This topic describes how to add workspace members and assign roles to them. This topic
also describes the permissions of each role.
Prerequisites
If you need to use DataWorks together with other users, create Resource Access Management
(RAM) users, create a workspace, and then follow the instructions in this topic to
add members to your workspace. For more information about how to create RAM users
and workspaces, see
Prepare a RAM user and
Create a workspace.
Background information
Note If you need to perform all operations in your workspace by using only the Alibaba
Cloud account, you can skip this topic and directly create tables and import data.
For more information, see
Create tables and import data.
You can log on to the DataWorks console by using your Alibaba Cloud account or as
a RAM user.
Alibaba Cloud adopts the following billing rules for RAM users:
- An Alibaba Cloud account owns Alibaba Cloud resources. Resource usage is measured
and billed to the Alibaba Cloud account. You can use the Alibaba Cloud account to
create RAM users for your enterprise. You can also use the Alibaba Cloud account to
manage and grant permissions to RAM users.
- RAM users are created and managed by the Alibaba Cloud account in the RAM console.
RAM users do not own resources, so the resource usage of a RAM user is not measured
or billed to the RAM user. The Alibaba Cloud account centrally manages all RAM users
and pays for the resources used by RAM users.
Procedure
- Go to the Workspace Management page of the workspace to which you want to add members.
- Log on to the DataWorks console.
- In the left-side navigation pane, click Workspaces.
- On the Workspaces page, find the workspace to which you want to add members and click
Workspace Settings in the Actions column.
- In the Workspace Settings panel, click More. The Workspace Management page appears.
You can also click Data Development in the Actions column of the workspace to which
you want to add members. On the
DataStudio page, click the

icon in the upper-right corner to go to the
Workspace Management page.
- In the left-side navigation pane, click User Management.
- On the User Management page, click Add Member in the upper-right corner.
- In the Add Member dialog box, click Refresh. All the RAM users created by your Alibaba Cloud account appear in the Available
Accounts section.

Note If you need to create more RAM users, click
RAMConsole in the Add Member dialog box to go to the RAM console and create RAM users as required.
For more information about how to create a RAM user and allocate the RAM user to a
person, see
Prepare an Alibaba Cloud account.
- Select RAM users in the Available Accounts section and click the > icon to move them to the Added Accounts section.
- Select the roles to be assigned to the RAM users and click Confirm.

Notice You must move RAM users from the Available Accounts section to the Added Accounts
section before you assign roles to them.
- Go to the User Management page and view or modify the roles of each added member.
You can click Remove in the Actions column of a member to remove the member.
A workspace can have the following roles:
Owner,
Workspace Manager,
Development,
O&M,
Deploy,
Visitor, and
Safety Manager. By default, the creator of a workspace is assigned the Workspace Manager role.
Role |
Description |
Owner |
The member with this role has full permissions on the workspace. |
Workspace Manager |
A member with this role has all permissions of the Development and O&M roles. A member
with this role can also manage the workspace. For example, the member can add and
remove workspace members and create custom resource groups.
|
Development |
A member with this role can design and maintain nodes on the DataStudio page in the
workspace.
|
O&M |
A member with this role can manage the execution of all nodes in the workspace in
Operation Center.
|
Deploy |
A member with this role can review the code of each node and determine whether to
commit the nodes to Operation Center only in a workspace in standard mode.
|
Visitor |
A member with this role can only view workflows and code on the DataStudio page in
the workspace.
|
Safety Manager |
A member with this role can perform operations only in Data Security Guard. For more
information, see Data Security Guard.
|
If a workspace uses a MaxCompute engine, mappings are established between the preset
roles of DataWorks and the MaxCompute roles for projects in Dev mode. The following
table describes the mappings. For more information, see
Users, roles, and permissions.