Cube includes two default data access groups that determine what dimensions and data users can see or edit across your model. You can also create custom data access groups to further fine-tune the level of access for your users.
Data access groups are layered with user types, which control feature access, to define what data a user can view or update and what they have access to in Cube. For example, you can use user types and data access roles so that a user can create and update reports but cannot edit any data.
Scenario-level write protection applies regardless of data access settings. So if a budget is blocked, even users with the ability to edit data will not be able to publish to this scenario. Learn more about scenario write protection.
Full Access
Users assigned to this group can view and edit any data associated with all dimensions anywhere they have write access through their user type.
Use this data access group for power users who need full visibility and control across your Cube model.
Read All
Users assigned to this group can view all data associated with dimensions, but cannot edit data in any part of the model.
This data access group is a good fit for business stakeholders or leadership who need visibility in shared reports or dashboards but should not directly change data.
Assign your users one of these data access groups to define the scope of their access, or create a custom data access group for more granular control.