Skip to Content
Author's profile photo Former Member

Information Steward Security – Module (Tab) Level Restriction


This document describes, the step by step procedure to restrict the modules / tabs in Information Steward application as per developers / business users roles.


Generally, if a group of users are responsible to one module i.e., Data Insight / Metadata Management & Metapedia / Cleansing Package Builder / Match Review, they expect to see only the respective module (Tab) in Information Steward application. Some customers, for security reasons they are not interested to allow users to see / access all modules / Tabs. With the help of CMC security, we can restrict the Tabs in Information Steward as per User and Customer requirements, which enables flexibility, avoids confusion and enables tight security as per Customers expectations.

Step By Step Implementation

The below picture shows the Information Steward application before implementing the above said security.


1. User Group Creation – Module Specific:- Create User Groups in CMC specific to modules as described below:

  • DI_MODULE – User Group for Data Insight Users
  • MDM_MODULE – User Group for Metadata Management & Metapedia Users
  • CPB_MODULE – User Group for Cleansing Package Builder Users
  • MR_MODULE – User Group for Match / Data Review Users

2. Create Users – Module Specific:Create Users in CMC specific to modules as described below:


3. Role assignment to Users:– Assign appropriate role to user by making the user member to per-defined user groups (Data Insight User, Data Review Administrator, etc)


4. Add respective Users to respective User Groups:– After assigning the appropriate role to users, add the users to respective User Group as per the assigned role. In this example, the following users are mapped as shown below:

Role Assigned
Added to User Group
rkamurthy_di Data Insight Administrator DI_MODULE
rkamurthy_mdm Metadata Management Data Steward MDM_MODULE
rkamurthy_mp Metapedia Author MDM_MODULE
rkamurthy_cpb Cleansing Package Builder CPB_MODULE
rkamurthy_mr Data Review Configuration Manager MR_MODULE

5. Add User Groups to Information Steward Application:– As part of application security i.e., allowing users to access the specific application of CMC, add the user groups which we created above to Information Steward application.

Application Security.jpg

6. Restrict User Groups to Respective Information Steward Module:– This is the final step and import step to enable or disable the modules / tabs in Information Steward. The following table shows how the User Groups are restricted with respect to Information Steward modules:

Data Insight
Metadata Management
Match Review
Cleansing Package Builder
DI_MODULE Allow Restrict Restrict Restrict Restrict
MDM_MODULE Restrict Allow Allow Restrict Restrict
MP_MODULE Restrict Allow Allow Restrict Restrict
MR_MODULE Restrict Restrict Restrict Allow Restrict
CPB_MODULE Restrict Restrict Restrict Restrict Allow


Data Insight Module Restriction:


Metadata Management Module Restriction:


Restrict other modules as per the table explained above.

7. Result of the Security:– After implementing the above security, following screen shows how the modules are restricted as per the user role.

Data Insight User Screen:


Metadata Management User Screen:


Metapedia User Screen:


Cleansing Package Builder User Screen:


Match Review User Screen:




We can restrict the modules / tabs in the Information Steward application as per the customer requirement and can provide flexible GUI for developers with the help of above security method.


I am still in the process of testing this approach, if i found any issues or further improvements in the security model, will update in the next document.

Assigned Tags

      You must be Logged on to comment or reply to a post.
      Author's profile photo Former Member
      Former Member

      By implementing this method I found the built-in security levels for Metapedia no longer functioned correctly. Meaning, the Metapedia User group now has Full Control in the Metapedia tab. Did you experience the same issue when testing these changes?

      Author's profile photo Former Member
      Former Member
      Blog Post Author

      Hi Don,

      The above method applies to all modules except Metapedia. In CMC, the Metapedia folder is part of Metadata Management, so it is not possible to apply restriction on Metapedia separately. To make use of built Metapedia security, don't apply this security method on Metapedia folder, apply on Matadata Management.



      Author's profile photo Zakir Hossain
      Zakir Hossain

      Hi Rama,

      Quick question for you, whenever I click on any of my SAP connections I see this view (external metadata) by default. Do you know where I can go and remove some of the folders like SAP_CA from this default view.


      Thank you!