Access Controls
Definition
Section titled “Definition”Standardize access via RBAC/ABAC, SSO/SCIM, and per-environment segregation.
Schema / Parameters
Section titled “Schema / Parameters”- Roles: viewer, editor, admin; break-glass procedures.
- Environments: prod, staging, dev isolation; separate projects/keys.
- Credentials: secret storage, rotation policy, audit logging.
Defaults
Section titled “Defaults”- Least privilege; deny by default; time-bound elevated access.
Examples
Section titled “Examples”- Read-only warehouse role for analysts; write roles scoped to schemas.
Limits
Section titled “Limits”- Shadow IT and shared credentials; fix via SSO and audits.