Marketplace stores can be either local to your Foundry Enrollment or remote. A local Marketplace store can be found in either a Project or Folder and will inherit the permissions of the Project or Folder in which it is situated. Remote stores are created on one Foundry enrollment and then made available on other enrollments. Permissions for remote stores are configured in Control Panel. Learn more about configuring access to remote stores.
To view a local Marketplace store in either DevOps or Marketplace, you need to have the marketplace:read-local-marketplace operation, which is normally granted with the Viewer role. View permissions for a remote store are configured in Control Panel.
To install products from either a local or remote store, you must be able to view the store and have the marketplace:install-from-local-marketplace operation, which is normally granted with the Viewer role.
For every resource selected as an input to this installation, you must have the marketplace:use-resource-as-input operation, which is also normally granted with the Viewer role.
Additionally, the locations where you can install, typically the Space and Ontology, require the marketplace:install-in operation, which is usually granted with the Editor role.
With each installation, Marketplace will either create a new project in the selected Space or install into an existing project. To do this, you will need the marketplace:install-in operation on the Space, chosen Project, or Folder. This permission is typically granted with the Editor role.
You must also have access to at least one Organization marking present on the store. However, these markings are usually inherited from the Project.
A Marketplace store must include all the relevant Organization markings for the Spaces in which you want to install into. For instance, if you want to install the store into a Space containing organizations A and B, but the Marketplace store only has Organization A's marking, you will need Expand access permissions for Organization A, as you are extending the content from Organization A to B. During the installation, you can opt to apply only Organization A's marking to your product installation, which would eliminate the need for expanding access permissions. Alternatively, you can add Organization B's marking to the store, but this option would allow more users to install products from the store.
To create a local store, you must have the marketplace:create-local-marketplace operation in a Project or Folder, which is normally granted with the Editor role.
Currently, remote stores can be created only by Palantir.
To create or edit products in a local store, a user must have the marketplace:create-block, marketplace:edit-block-set and marketplace:upload-attachment operations, which will usually be granted to the Editor role.
Remote stores are not editable in DevOps.
To export products from a local store, a user must have the marketplace:export-block-set operation, which will usually be granted to the Owner role. Currently, a user cannot export products from a remote store.
To import products to a local store, a user must have the marketplace:import-blockset-with-provenance operation, which will usually be granted to the Owner role. Currently, a user cannot import products to a remote store.