IBM watsonx provides attribute-based access control to protect workspaces such as projects and catalogs. You control access to workspaces by assigning roles and by restricting collaborators.
| Mechanism | Purpose | Responsibility | Configured on |
|---|---|---|---|
| Collaborator roles | Assign roles to control access to workspaces | Customer | IBM watsonx |
Collaborator roles
Everyone working in IBM watsonx is assigned a role that determines the workspaces that they can access and the tasks that they can perform. Collaborator roles control access to projects, deployment spaces, and catalogs using permissions specific to the role. Roles are assigned in IBM watsonx to provide Admin, Editor, or Viewer permissions.
Users also have an IAM Platform access role for the Cloud account and they may also have an IAM Service access role for workspaces. To understand how the roles provide secure access, see Roles in IBM watsonx.
To understand the permissions for each collaborator role, see Project collaborator roles.
Parent topic: Security