By default, all users in Data Management (DMS) can see every database instance and database in the console — even those they have no permissions on. Metadata access control changes this: after you enable it, users can only view and access the instances and databases on which they hold query, export, or change permissions.
Prerequisites
Before you begin, make sure you have:
A database instance managed in Security Collaboration mode
The database administrator (DBA) or DMS administrator role (View system roles)
Usage notes
When metadata access control is enabled for an instance or database, users with no permissions on that object can no longer apply for access by submitting tickets. Only a DBA or DMS administrator can grant permissions directly. To grant permissions to a user, see Manage permissions by using the instance management feature.
Enable or disable metadata access control
Log on to the DMS console V5.0.
Move the pointer over the
icon in the upper-left corner and choose All Features > Data Assets > Instances.In normal mode, choose Data Assets > Instances in the top navigation bar.
Choose the scope for metadata access control:
Scope How to access Instance level Click the Instance List tab, find the instance, and choose More > Access control in the Actions column Database level Click the Database List tab, find the database, and choose More > Access control in the Actions column In the Metadata access control dialog box, turn on or off Metadata access control and click OK.
What's next
Grant permissions to a user on an instance: On the Instance List tab, find the instance and choose More > Manage Permissions in the Actions column. For details, see Manage permissions by using the instance management feature.
Enable metadata access control for a user: DMS administrators can restrict a specific user to only view instances and databases they have permissions on — preventing that user from discovering or applying for access to other objects. For details, see Enable access control for a user.