# Governance and Security

## Creating roles for governance

As the tenant admin, you have the ability to create role schemas that govern specific access to reports or permissions possessed by your users.

To manage these roles in your tenant navigate to Administration section and select 'Roles'.

Role schemas can be categorized into three buckets:

* User group: These roles - Tenant Admin, Report Admin, User Admin, and User - grant users access and permissions to specific areas within the system. 
* Report group: These roles are attached to reports and users in your tenant. Users can embed reports if they possess the same role attached to the report.
* Row-Level Security group: These roles, used with the Service Principal, ensure that users with specific Row-Level security only access the necessary information from the report.

<figure><img src="/files/30RcNbyPZ8wzP1tvieIk" alt=""><figcaption><p>Create role</p></figcaption></figure>

<figure><img src="/files/pw2enX832J90txE6azp4" alt=""><figcaption><p>Define permissions to role</p></figcaption></figure>

<figure><img src="/files/lGYEmUsnCLnIKtSq3lx1" alt=""><figcaption><p>Overview of roles</p></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://uidata.gitbook.io/datacentral-knowledge-center/deployments/tenant-step-by-step/governance-and-security.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.