Enterprise Permissions

The following permission sets are available for assignment in dbt Cloud

Project level permission sets

The following permissions may be assigned to groups at the project-level.

  • Admin:
    • Can create, read, update, and delete all objects in assigned projects
    • Can add groups with any permission to assigned projects
    • Implies GitAdmin, DatabaseAdmin, and TeamAdmin permissions sets
  • GitAdmin:
    • Can create, read, update, and delete the git repo in assigned projects
  • DatabaseAdmin:
    • Can create, read, update, and delete the database connection in assigned projects
    • Can create, edit, update, and delete deployment credentials in assigned projects
  • TeamAdmin:
    • Can create, read, update, and delete group membership in the project
    • Can only groups to assigned projects with Developer, Stakeholder, or TeamAdmin permissions
  • Developer:
    • Can access the IDE, configure personal developer credentials, and manage job definitions in assigned projects
  • Stakeholder:
    • Can access the documentation and source freshness reports for assigned projects

Account-wide permissions:

The following permissions are assigned outside the scope of any particular project, and apply to the entire account.

  • AccountAdmin
    • Create Projects
    • Create groups, assign SSO mappings between SSO groups and dbt Cloud groups
    • Manage notifications
    • Manage account-wide build artifacts