Database Permission
This feature is available in Enterprise Plan.
π Tutorial - How to Manage Data Access for Developers
Database permission controls individual users' or groups' actions within the database. Below shows the built-in roles' database permissions.
| Role | EXPLAIN | Query | Export | Mutation DML | DDL | Admin |
|---|---|---|---|---|---|---|
| Workspace Admin | β | β | β | β | β | β |
| Workspace DBA | β | β | β | β | β | β |
| Project Owner | β | β | β | β | β | |
| Project Developer | * | * | ||||
| Project Querier | β | β | ||||
| Project Exporter | β | |||||
| Project Releaser | ||||||
| Project Viewer |
* Project Developers can't execute DML and DDL directly in SQL Editor. On the other hand, they can request DML/DDL change by creating an issue.
You can also pick out specific permissions to build custom roles. e.g. create a custom role that grants only the EXPLAIN permission.
| Access Level | Operation | Permission |
|---|---|---|
| Read | EXPLAIN | databases.queryExplain |
| Query | databases.query | |
| Export | databases.export | |
| Write (subject to execution mode) | Mutation DML | databases.queryDML |
| DDL | databases.queryDDL | |
| Request change for review | Create Issue | issues.create |
| Admin | Admin | instances.adminExecute |
