Assign a manager role who can only roll out issue but not query or change database.
A typical requirement is to create a Manager
role in Bytebase who can only roll out issue but not query or change database. This tutorial will show you how to achieve this with two approaches:
Log in Bytebase, go to IAM & Admin > Custom Roles. You’ll see that besides three Workspace level roles: Admin/DBA/Member; at Project level, Bytebase also predefined several system roles:
You may find the Project Releaser
is the role our customer wants to create. So the easiest way is to use this role directly along with another step config: Go to Environments, select the environment and go to Rollout Policy section. Check Manual rollout by dedicated roles and Project releaser
. For Manual rollout, you need to have Pro or Enterprise Plan licenses.
Now, the role is ready. There are two ways to assign this role to our manager.
You can assign the Project Releaser
role to the manager at the Workspace level. Then the manager will
obtain the Project Releaser
role for all projects.
Create the user if not added yet. Go to IAM & Admin > Users & Groups, click Add User.
Go to IAM & Admin > Members click Grant Access.
If you want to assign the role to the manager user for a single project, go to the project > Manage > Members, click Grant Access.
What if you want to create a custom role with slightly differet permissions or you just want to rename it as a manager role?
Go to IAM & Admin > Custom Roles, and click Add Role button on the top right.
Click Import from role, here you choose Project releaser
and click Confirm. The related permissions will be imported.
As a manager, you can add two more permissions: auditLogs.search
and auditLogs.export
. Click Add.
Go back to Environments, select the environment and go to Rollout Policy section. Check Manual rollout by dedicated roles and Custom project roles > Project Manager.
The same as for Project Releaser
, you can assign the role to our manager user at Workspace or Project level.
By utilizing either a system predefined role or creating a custom role, you can grant permissions for database rollout while restricting query and modification access.
Assign a manager role who can only roll out issue but not query or change database.
A typical requirement is to create a Manager
role in Bytebase who can only roll out issue but not query or change database. This tutorial will show you how to achieve this with two approaches:
Log in Bytebase, go to IAM & Admin > Custom Roles. You’ll see that besides three Workspace level roles: Admin/DBA/Member; at Project level, Bytebase also predefined several system roles:
You may find the Project Releaser
is the role our customer wants to create. So the easiest way is to use this role directly along with another step config: Go to Environments, select the environment and go to Rollout Policy section. Check Manual rollout by dedicated roles and Project releaser
. For Manual rollout, you need to have Pro or Enterprise Plan licenses.
Now, the role is ready. There are two ways to assign this role to our manager.
You can assign the Project Releaser
role to the manager at the Workspace level. Then the manager will
obtain the Project Releaser
role for all projects.
Create the user if not added yet. Go to IAM & Admin > Users & Groups, click Add User.
Go to IAM & Admin > Members click Grant Access.
If you want to assign the role to the manager user for a single project, go to the project > Manage > Members, click Grant Access.
What if you want to create a custom role with slightly differet permissions or you just want to rename it as a manager role?
Go to IAM & Admin > Custom Roles, and click Add Role button on the top right.
Click Import from role, here you choose Project releaser
and click Confirm. The related permissions will be imported.
As a manager, you can add two more permissions: auditLogs.search
and auditLogs.export
. Click Add.
Go back to Environments, select the environment and go to Rollout Policy section. Check Manual rollout by dedicated roles and Custom project roles > Project Manager.
The same as for Project Releaser
, you can assign the role to our manager user at Workspace or Project level.
By utilizing either a system predefined role or creating a custom role, you can grant permissions for database rollout while restricting query and modification access.