Tutorial: Just-in-Time Database Access

 Bytebase is a middleware sitting between users and databases. It provides a fine-grained database permissions. Bytebase enforces database permissions via change approval flow and SQL Editor. You can use Bytebase to manage persistent database permissions as well as implement Just-in-Time (JIT) database access workflow.
Database permission controls individual users’ or groups’ actions within the database. Below shows the built-in roles’ database permissions.
RoleEXPLAINQueryExportMutation DMLDDLAdmin
Workspace Admin
Workspace DBA
Project Owner
Project Developer**
SQL Editor User
Project Exporter
Project Releaser
Project Viewer
* Project Developers can’t execute DML and DDL directly in SQL Editor. On the other hand, they can request DML/DDL change by creating an issue.
You can also pick out specific permissions to build custom roles. e.g. create a custom role that grants only the EXPLAIN permission.
Access LevelOperationPermission
ReadEXPLAINsql.explain
Querysql.select
Exportsql.export
Write (subject to execution mode)Mutation DMLsql.dml
DDLsql.ddl
AdminAdminsql.admin
Request change for reviewCreate Issueissues.create