Setting up watsonx.governance
You must set up watsonx.governance to monitor model assets in your IBM watsonx projects and deployment spaces. To set up watsonx.governance, you can manage users and roles for your organization to control access to your projects and deployment spaces.
To set up watsonx.governance, complete the following tasks:
Creating access policies
You can complete the following steps to invite users to an IBM Cloud account that has a watsonx.governance instance installed and assign service access.
- Required roles
- Users must have have the Reader, Writer, or higher IBM Cloud IAM Platform roles for service access. Users that are assigned the Writer role or higher can access information across projects and deployment spaces in watsonx.governance.
- From the IBM Cloud homepage, click Manage > Access (IAM).
- From the IAM dashboard, click Users and select Invite user.
- Complete the following fields:
- How do you want to assign access? :
Access policy
. - Which service do you want to assign access to? :
watsonx.governance
and click Next. - How do you want to scope the access : Select the scope of access for users and click Next.
- If you select Specific resources, select an attribute type and specify a value for each condition that you add.
- If you select Service instance in the Attribute type list, specify your instance in the Value field.
- How do you want to assign access? :
- If you have multiple instances, you must find the data mart ID to specify the instance that you want to assign users access to. You can use one of the following methods to find the data mart ID:
- On the Insights dashboard, click a model deployment tile and go to Actions > View model information to find the data mart ID.
- On the Insights dashboard, click the navigation menu on a model deployment tile and select Configure monitors. Then, go to the Endpoints tab and find the data mart ID in the Integration details section of the Model information tab.
- Select the Reader role in the Service access list.
- Assign access to users.
- If you are assigning access to new users, click Add, and then click Invite in the Access summary pane.
- If you are assigning access to existing users, click Add, and then click Assign in the Access summary pane.
watsonx.governance users and roles
You can assign roles to watsonx.governance users to collaborate on model evaluations in projects and deployment spaces.
The following table lists permissions for roles that you can assign for access to evaluations. The Operator and Viewer roles are equivalent.
Operations | Admin role | Editor role | Viewer/Operator role |
---|---|---|---|
Evaluation | ✔ | ✔ | |
View evaluation result | ✔ | ✔ | ✔ |
Configure monitoring condition | ✔ | ✔ | |
View monitoring condition | ✔ | ✔ | ✔ |
Upload training data CSV file in model risk management | ✔ | ✔ |
Parent topic: Setting up the platform for administrators