Built-in Roles

The scheduler-administrator or redwood-administrator built-in role provides full control over Azure Data Factory.
The scheduler-viewer built-in role provides read-only access to Azure Data Factory.

Creating, Modifying, and Deleting Azure Data Factory

You need all of the following privilege ranks to be able to create, modify, and delete Azure Data Factory:

The scheduler-administrator or redwood-administrator built-in role provides full control over all Azure Data Factory connections.

You need all of the following privilege ranks to be able to create and modify Azure Data Factory connections:

View - on partitions GLOBAL and REDWOOD.
View - on application REDWOOD.Redwood_DataFactory.
View - on library REDWOOD.Redwood_DataFactory.
View - on the existing Azure Data Factory process server and queue, if applicable.
Create - on process server and queue if a new process server and queue are required.
Submit - on process definition Sharepoint_Configure.
Either:
- Create - on credential in the REDWOOD partition if a credential needs to be created.
- Edit - on credential in the REDWOOD partition if a credential needs to be modified.

You need all of the following privilege ranks to be able to use an Azure Data Factory connection:

View - on partitions GLOBAL and REDWOOD.
View - on application REDWOOD.Redwood_DataFactory.
View - on REDWOOD.Redwood_DataFactory library.
Submit - on process definitions REDWOOD.DataFactory_ImportJobTemplate, REDWOOD.DataFactory_ShowPipelines, REDWOOD.DataFactory_RunPipeline, and/or REDWOOD.DataFactory_Template (depending on the functionality you want).
View - on the process server of the Azure Data Factory connection.
JobAdministrator - on the queue of the Azure Data Factory component.
View - on credential in the REDWOOD partition or on the credential to use.