Skip to main content

Role Based Access Control (RBAC)

AvailableCloud with Teams add-onNot availableSelf-Managed Community (OSS)AvailableSelf-Managed Enterprise

Role Based Access Control allows a user with Administrative access to apply roles to users, granting different levels of permission within an organization or workspace.

RBAC roles do not require a customer to use SSO. These roles can be enabled on any organization.

Workspace Resource Roles

A user can have at most one role of this kind per workspace. Permissions are scoped to the specific workspace in which the user has this role.

PermissionsReaderEditorAdmin
Read Workspace
  • List the connections in a workspace
  • Read individual connections
  • Read workspace settings (data residency, users, connector versions, notification settings)
XXX
Modify Connector Settings
  • Create, modify, delete sources and destinations in a workspace
XX
Update Connection
  • Start/cancel syncs
  • Modify a connection, including name, replication settings, normalization, DBT
  • Delete a connection
  • Create/Update/Delete connector builder connectors
XX
Update Workspace
  • Update workspace settings (data residency, users, connector versions, notification settings)
  • Modify workspace connector versions
X

Organization Resource Roles

A user can have at most one role of this kind per organization. Permissions are scoped to the given organization for which the user has this role, and any workspaces within.

PermissionsOrganization MemberOrganization ReaderOrganization EditorOrganization Admin
Read Organization
  • Read individual organizations
XXXX
Create Workspace
  • Create new workspace within a specified organization
  • Delete a workspace
XX
Update Organization
  • Modify organization settings, including billing, PbA, SSO
  • Modify user roles within the organization
X

Self-Managed Enterprise: Instance Admin

The first user who logs on to Airbyte in Self-Managed Enterprise will be assigned the Instance Admin role. This user will have all permissions listed above for all workspaces and all organizations associated with their Enterptise instance. To update this assigment, enterprise customers should contact Airbyte support.

Was this page helpful?