Important changes to roles and permissions

Documentation Index

Fetch the complete documentation index at: https://docs.maia.ai/llms.txt

Use this file to discover all available pages before exploring further.

We would like to inform you of some important changes to roles and permissions that we are implementing, primarily in . Please read them carefully, as the permissions of your users will change. We will be adding account roles and making changes to the project and environment roles. These changes are designed to simplify the management of your account and support some exciting new features we will be launching in the next few months, such as the ability to create custom roles.

---

​

Upcoming changes

• Control over an environment inheriting a default value.
• Changes to Account roles for all users.

​

Completed changes

• New Contributor role for environments.
• Changes to the Runner (now called Operator) role for environments.
• Users with the Contributor role on a project can now create and modify project-level variables, but can’t delete them.

For more information, read Environment roles.

---

​

Account role changes

We are simplifying user management at the account level by migrating all existing users to one of the following new roles:

• Super Admin
• Admin
• Billing Admin
• Member

This change affects all users of both (when logging into Matillion Hub) and . Once migrated, for accounts where is enabled, all users will be able to access , and it will no longer be possible to restrict access to at a user level. If are enabled at the account level, then all users will be able to access . The ability to control access to at the user level will be restored with the launch of Custom Roles in the coming months. Users will be mapped as below:

• Any user with Super Admin → Super Admin.
• Any user with Billing → Billing Admin.
• A user with both User Admin and Can create projects → Admin.
• All other users → Member.

The permissions for each account role are as follows: Users will be mapped according to their permissions at the time of the migration, so any changes made between now and then will affect the role each user is migrated to. We’ll confirm the exact date of this change closer to the time. Action required: Review the existing account permissions of your users and update them as above to avoid a loss of functionality.

---

​

Project role changes

Users with the Contributor role on a project will be able to create and modify project-level variables, but will not be able to delete them. This change affects users only.

---

​

Environment role changes

We are introducing a new Contributor role to environments that can:

• Modify environment-level overrides for project-level variables, secret definitions, and OAuths.
• See the environment role permission table below for an understanding of the Contributor roles’ capabilities.

With the addition of the Contributor role, we will remove the following permissions from the Operator role:

• Sample pipelines
• Validate pipelines
• Run unpublished pipelines
• Schema view

The Owner, Contributor, and Operator roles will be able to run published pipelines. The new permissions for environment roles are as follows: This change affects users only. Action required: Make sure that all users who need to edit or manage an environment configuration or project variable environment overrides are assigned the Contributor environment role. For more information, read Environment roles.

---

​

Environment configuration change

We are introducing the ability to prevent an environment from inheriting default values in project-level variables, secret definitions, and OAuths. You will be able to set this when creating or editing an environment. When an environment is set to not inherit project-level default values, it will instead always use the environment default override. This change affects users only.

​

Need support?

If you need support with these changes, please raise a support ticket.