Understand DMS Role-Based Access Control and Feature Permissions - Data Management

Data Management (DMS) uses a role-based access model. Each user is assigned one of five system roles, which determines which features they can access across the DMS console.

System roles

Role	Description
Regular user	Standard access to day-to-day database development and data operations. Cannot manage instances, configure platform-level security settings, or administer other users.
Security administrator	All regular user access, plus control over sensitive data policies, permission templates, and operation auditing.
Database administrator (DBA)	All regular user access, plus full SQL Console permissions, instance registration, database grouping, and task management.
DMS administrator	Full access to all DMS features, including user management, platform configuration, security rules, and approval workflows.
Schema read-only user	Read-only access to schema structures. Supports database development and DTS operations, but cannot register instances or manage platform-level security configuration (such as security rules, approval processes, or access IP whitelists).

Role permissions

The following tables list which features each role can access. For features that require database-level permissions — such as SQL Console and Database Development — the system role alone is not sufficient. You also need the appropriate permissions granted on the specific database.

Home page

All roles can access all home page features.

Feature	Regular user	Security administrator	DBA	DMS administrator	Schema read-only user
My Tickets	Supported	Supported	Supported	Supported	Supported
Followed Assets	Supported	Supported	Supported	Supported	Supported
My Assets	Supported	Supported	Supported	Supported	Supported
Accessible Assets	Supported	Supported	Supported	Supported	Supported
Recently Accessed Assets	Supported	Supported	Supported	Supported	Supported
Release Notes	Supported	Supported	Supported	Supported	Supported
Instance List	Supported	Supported	Supported	Supported	Supported
Database List	Supported	Supported	Supported	Supported	Supported
Logical DB List	Supported	Supported	Supported	Supported	Supported
Shortcuts	Supported	Supported	Supported	Supported	Supported

Data assets

Feature	Regular user	Security administrator	DBA	DMS administrator	Schema read-only user
Instances	Not supported	Not supported	Supported	Supported	Not supported
Categories	Supported	Supported	Supported	Supported	Supported

SQL Console

Note

Before running queries or making data changes in the SQL Console, make sure you have the required permissions on the target database.

Feature	Regular user	Security administrator	DBA	DMS administrator	Schema read-only user
SQL Console	Supported	Supported	Supported (all features)	Supported (all features)	Supported

DBA and DMS administrator roles have permissions on all SQL Console features. Other roles access the SQL Console based on the permissions granted to them on specific databases.

Database development

Note

Database development features operate within the boundaries of your database permissions. Before submitting a ticket to modify a database, make sure you have the required permissions on that database or table. For example, to use Test Data Generation to insert records into a table, you need change permission on the database or the specific table.

Category	Feature	Regular user	Security administrator	DBA	DMS administrator	Schema read-only user
Schema change	Schema Design	Supported	Supported	Supported	Supported	Supported
	Schema Synchronization	Supported	Supported	Supported	Supported	Supported
	Shadow Table Synchronization	Supported	Supported	Supported	Supported	Supported
	Empty Database Initialization	Supported	Supported	Supported	Supported	Supported
	Table Consistency Repairing	Supported	Supported	Supported	Supported	Supported
Data change	Normal Data Modify	Supported	Supported	Supported	Supported	Supported
	Lockless Change	Supported	Supported	Supported	Supported	Supported
	Historical Data Cleanup	Supported	Supported	Supported	Supported	Supported
	Data Import	Supported	Supported	Supported	Supported	Supported
	Programmable Object Permissions	Supported	Supported	Supported	Supported	Supported
Data export	SQL Result Set Export	Supported	Supported	Supported	Supported	Supported
	Database Export	Supported	Supported	Supported	Supported	Supported
SQL review	SQL Audit Ticket	Supported	Supported	Supported	Supported	Supported
Environment construction	Database Clone	Supported	Supported	Supported	Supported	Supported
	Test Data Generation	Supported	Supported	Supported	Supported	Supported
Data tracking	Data Tracking Ticket	Supported	Supported	Supported	Supported	Supported
R&D Space	DevOps	Supported	Supported	Supported	Supported	Supported
	My Tickets	Supported	Supported	Supported	Supported	Supported

DTS

Category	Feature	Regular user	Security administrator	DBA	DMS administrator	Schema read-only user
DTS	Data Synchronization	Supported	Supported	Supported	Supported	Supported
	Data Migration	Supported	Supported	Supported	Supported	Supported
	Change Tracking	Supported	Supported	Supported	Supported	Supported
	Data Verification	Supported	Supported	Supported	Supported	Supported
Data development	Task Orchestration	Supported	Supported	Supported	Supported	Supported
Heterogeneous Database Migration (ADAM)	Database Evaluation	Supported	Supported	Supported	Supported	Supported
	Application Evaluation and Transformation	Supported	Supported	Supported	Supported	Supported
	SQL Conversion	Supported	Supported	Supported	Supported	Supported

Primary Features	Sub-feature	Regular user	Security administrator	DBA	Administrator	Schema read-only
Data Transmission Service (DTS)	Data synchronization	Supported	Support	Support	Support	Support
	Data migration	Support	Support	Support	Support	Supported
	Change tracking	Support	Support	Supported	Support	Support
	Change tracking	Support	Support	Support	Support	Support
Data Development	Task orchestration	Support	Supported	Support	Supported	Support
Heterogeneous database migration (ADAM)	Database evaluation	Support	Support	Support	Support	Support
	Application evaluation and transformation	Support	Support	Support	Support	Support
	SQL conversion	Supported	Support	Support	Support	Support

Security and specifications

Category	Feature	Regular user	Security administrator	DBA	DMS administrator	Schema read-only user
Permission Center	Permission Tickets	Supported	Supported	Supported	Supported	Supported
	Permissions	Supported	Supported	Supported	Supported	Supported
	Permission Templates	Not supported	Supported	Supported	Supported	Not supported
	Security Rules	Not supported	Not supported	Supported	Supported	Not supported
	Approval Processes	Not supported	Not supported	Supported	Supported	Not supported
	Access IP Whitelist	Not supported	Not supported	Not supported	Supported	Not supported
	Operation Audit	Supported	Supported	Supported	Supported	Supported
Sensitive data	Sensitive Data Assets	Not supported	Supported	Supported	Supported	Not supported
	Rule Configurations	Not supported	Supported	Supported	Supported	Not supported
	Sensitive Data Audit	Not supported	Supported	Supported	Supported	Not supported
	Data Watermark	Supported	Supported	Supported	Supported	Supported

Solutions

O&M

Feature	Regular user	Security administrator	DBA	DMS administrator	Schema read-only user
Users	Not supported	Not supported	Not supported	Supported	Not supported
Configuration Management	Not supported	Not supported	Not supported	Supported	Not supported
Database Grouping	Not supported	Not supported	Supported	Supported	Supported
Task	Not supported	Not supported	Supported	Supported	Not supported
Notification	Not supported	Not supported	Supported	Supported	Not supported
Intelligent Operation	Not supported	Supported	Supported	Supported	Not supported
Task Orchestration Operation Center	Supported	Supported	Supported	Supported	Supported