Governance uses role-based access to control who can create policies, submit evidence, and approve bundles. Governance introduces one new Domino Global Role: GovernanceAdmin. For the remaining roles, Governance relies on existing project roles.
The following roles are based on existing Domino project permissions:
-
Practitioners are existing Domino users who gain access to governed bundles through their project permissions. They create bundles, add artifacts and evidence, and submit bundles for review. Practitioners can’t create policies or approve stages.
-
Approvers review evidence and approve bundles at designated stages. When a practitioner requests a review, the approver receives a task assignment. Approvers can also create findings to document issues and track resolution. Any user listed in a policy or organization as an approver gains consumer-level access to projects with governed bundles.
The following table summarizes what each role can do in Governance:
| Permission | Practitioner | Approver | GovernanceAdmin |
|---|---|---|---|
Create governed bundles | Yes | No | Yes |
Add evidence and artifacts | Yes | Yes | Yes |
Submit bundles for review | Yes | No | Yes |
Review and approve stages | No | Yes | Yes |
Create findings | Yes | Yes | Yes |
Create and publish policies | No | No | Yes |
Access Governance APIs | Yes | No | Yes |
-
Work with bundles: package models and artifacts for review
-
Review and approve bundles: submit bundles for formal approval
-
Define policies: create and configure policies (for Governance administrators)
-
Audit Trail: review a log of user and system actions across the platform