Separate Data Lake Administrative Permissions into Roles
Currently Project Owner permission is required to create and manage data lake clusters. This requires dangerously elevated privileges simply to manage Data Lake.
I simply would like to either use existing project roles or create new roles specific to Data Lake with similar duty segregation: Data Lake Manager(similar to Project Cluster Manager), Read-Only, Read-Write, etc.
Project Owner should not be required to administer or use data lake features. Non-granular roles are fine for this urgent need, we simply need reasonable coarse-grained roles that would satisfy usage in any security-minded enterprise.
![](https://secure.gravatar.com/avatar/056637282b29e06a8a09c92e8c100c99?size=40&default=https%3A%2F%2Fassets.uvcdn.com%2Fpkg%2Fadmin%2Ficons%2Fuser_70-6bcf9e08938533adb9bac95c3e487cb2a6d4a32f890ca6fdc82e3072e0ea0368.png)
-
Kekoa commented
Currently Project Owner permission is required to create and manage data lake clusters. This requires dangerously elevated privileges simply to manage Data Lake.
I simply would like to either use [existing project roles](https://docs.atlas.mongodb.com/reference/user-roles/#project-roles) or create new roles specific to Data Lake with similar duty segregation: Data Lake Manager(similar to Project Cluster Manager), Read-Only, Read-Write, etc.
Project Owner should not be required to administer or use data lake features. Non-granular roles are fine for this urgent need, we simply need reasonable coarse-grained roles that would satisfy usage in any security-minded enterprise.