Database Permission

This feature is available in Enterprise Plan.

Bytebase is a middleware sitting between users and databases. It provides a fine-grained database permissions. Bytebase enforces database permissions via change approval flow and SQL Editor. You can use Bytebase to manage persistent database permissions as well as implement Just-in-Time (JIT) database access workflow.


Database permission controls individual users' or groups' actions within the database. Below shows the built-in roles' database permissions.

RoleEXPLAINQueryExportMutation DMLDDLAdmin
Workspace Admin✅✅✅✅✅✅
Workspace DBA✅✅✅✅✅✅
Project Owner✅✅✅✅✅
Project Developer**
Project Querier✅✅✅✅
Project Exporter✅
Project Releaser
Project Viewer

* Project Developers can't execute DML and DDL directly in SQL Editor. On the other hand, they can request DML/DDL change by creating an issue.


You can also pick out specific permissions to build custom roles. e.g. create a custom role that grants only the EXPLAIN permission.

Access LevelOperationPermission
ReadEXPLAINsql.explain
Querysql.select
Exportsql.export
Write (subject to execution mode)Mutation DMLsql.dml
DDLsql.ddl
AdminAdminsql.admin
Request change for reviewCreate Issueissues.create
Edit this page on GitHub

Subscribe to Newsletter

By subscribing, you agree with Bytebase's Terms of Service and Privacy Policy.