Planning to set up Watson Knowledge Catalog
You must complete some set up tasks before other users can start working. After you complete these setup tasks, your governance team can start implementing a governance framework, and your data stewards can start curating data to share in catalogs.
You can perform most set up tasks with the Watson Knowledge Catalog Manager service level IAM role.
While you learn how to make a plan to set up Watson Knowledge Catalog in this section, consider these questions:
- Can you organize users into groups for different sets of tasks?
- Will your governance team create or import governance artifacts, or both?
- What is the best way to organize your governance artifacts in categories?
- How many review and approval steps do workflows for creating and publishing artifacts need?
- What, if any, custom properties and relationships do you need for artifacts and assets?
- What catalogs do you need and who needs to belong to them?
Your answers to these questions might change after you test your Watson Knowledge Catalog implementation or put it into production.
To create a plan to set up Watson Knowledge Catalog, determine which of the following tasks you must complete.
|Add users with the appropriate roles and permissions||Yes||During setup and then as needed|
|Create custom properties and relationships for assets and artifacts||No||Anytime|
|Create categories and add collaborators||No||During setup and then as needed|
|Define workflow configurations for governance artifacts||No||Anytime|
|Create catalogs and add collaborators||Yes||During setup and then as needed|
Add users with the appropriate roles and permissions
For this task, work with your IBM Cloud account administrator. The IBM Cloud account administrator must add all users to the IBM Cloud account for your organization and assign the users IAM platform and service roles. Let your IBM Cloud account administrator know who your governance team members are and which roles and permissions they need.
If you need more flexibility than the predefined IAM service roles provide, your IBM Cloud account administrator can create your own IAM service roles.
An efficient way to organize your governance teams and assign them roles is to create an IAM access group for each set of users who need the same roles and permissions. You assign each access group the appropriate roles and then add users to the appropriate access groups. Typically, organizations have several teams of users who perform different tasks in different workspaces. You can use the same access groups within the platform and add them to catalogs, categories, and workflow configurations.
For example, you might create access groups for these types of teams and add the groups to the appropriate workspaces.
|Team||IAM Service roles||Workspaces||Collaborator roles|
|Governance team members who create governance artifacts.||CloudPak Data Steward||Categories||Editor|
|Governance team members who review and approve governance artifacts.||CloudPak Data Steward||Categories
The reviewer or approval steps in workflow configurations.
|Data engineers who integrate data.||CloudPak Data Engineer||Catalogs
|Data stewards who curate data.||CloudPak Data Steward||Categories
|Data consumers who need to find assets in catalogs.||CloudPak Data Scientist||Catalogs
Some roles might not need a group because they apply to a few users. For example, you might assign the Manager and Reporting Administrator roles to one or two people.
Learn more about adding users
Create custom properties and relationships for assets and artifacts
You can create custom properties and relationships for governance artifacts or asset types when important information does not fit in the default properties and relationships. You can also create custom assets types.
You can create custom properties and relationships for artifacts and assets at any time. However, consider creating them during setup in the following situations:
- You plan to import governance artifacts or assets that have custom properties or relationships. If you don't create custom properties and relationships before you import the artifacts or assets, the values for the custom properties and relationships are not imported. However, if you create the custom properties and relationships later, then you can reimport the governance artifacts or assets to add those values.
- You know that you need custom properties and relationships and you want to ensure that all of the affected artifacts or assets have values for those properties and relationships.
- You plan to import assets that do not fit in the predefined asset types.
Learn more about custom properties and relationships
Create custom categories and add collaborators
The predefined categories, [uncategorized], Locations, and Knowledge Accelerator Sample Personal Data, contain predefined governance artifacts. You can add custom governance artifacts to the predefined categories, but you can't add subcategories and create a custom category structure. If you have the Manage governance categories permission, you can create custom top-level categories and add collaborators. You can create custom categories at any time. However, if you want to move governance artifacts to a new category, you must move each artifact individually.
When you plan a custom category structure, take into account the following considerations:
- Your data. You organize your categories by the subject matter of your data.
- Your business vocabulary. You might organize your categories by the semantic meaning of your data.
- Who needs which governance artifacts. You might organize your categories to mirror the departments in your organization.
- Who needs to create governance artifacts. You might organize your categories to mirror the teams of users who create them to ensure that each team has the least privilege necessary in each category.
- The origin of your governance artifacts. You can import previously defined categories from a file, from an export of another Watson Knowledge Catalog system, or from a Knowledge Accelerator. If you plan to import one type of governance artifact at a time, then you must create all the categories that are defined for those artifacts before you import the artifacts.
Typically, organizations want most users to be able to view most governance artifacts. By default, the Public Access user group is added to the predefined categories and custom top-level categories automatically so that all users have the Viewer role. You must assign other category roles to those users who need more permissions in a category structure. If you need more fine-grained control than the predefined category roles provide, you can create custom category roles. As an administrator, you must create the top-level categories. You can assign other users the category roles to create the subcategories for the rest of the category structure.
Learn more about categories
Define custom workflow configurations for governance artifacts
The default workflow configuration for governance artifacts allows all users who have at least the Editor role in categories to create, edit, delete, import, and then publish all types of governance artifacts without any reviews or approvals. You can create custom workflow configurations to define which review and approval steps are necessary for creating, editing, deleting, and importing which types of governance artifacts in which categories.
You can create custom workflow configuration at any time. However, new workflow configurations apply only to new workflows. Any governance artifacts that are in draft continue in their original workflows. Published artifacts are not affected by changes to workflow configurations.
Typically, organizations require one or more reviews and approvals to publish governance artifacts. If the same group of people need to review and approve all governance artifacts, then you can create one workflow configuration for all categories and types of governance artifacts. Alternatively, you can create multiple workflow configurations for different categories, types of artifacts, number of review and approval steps, or reviewers and approvers.
If you create custom workflow configurations, you can track that status of workflow tasks.
Learn more about custom workflow configurations
Create catalogs and add collaborators
You must create at least one catalog to contain assets. You can create the Platform assets catalog to give all users access to connections and connected data. Many organizations create multiple catalogs for different audiences or purposes. You can create more catalogs at any time.
You must choose whether to enforce data protection rules for each catalog. If your organization plans to create data protection rules, you must enable the enforcement of rules when you create the catalog. You can't change whether rules are enforced in a catalog after you create the catalog.
If you created user groups, you can easily add sets of collaborators to the catalogs. Most collaborators need the Editor role so that they can use assets. Consider adding a few users with the Admin role in each catalog to handle membership requests and other administrative tasks.
Learn more about creating catalogs
Next planning tasks
- Planning to implement a governance framework
- Planning to protect data with rules
- Planning to curate data to share
- Planning to monitor Watson Knowledge Catalog
Parent topic: Planning to implement data governance