Access Control for Notebook
Notebook access scopes, roles, operations, access control rules.
Access Scopes for Notebooks
The access control for notebooks vary depending on the access scopes. There are four types of access scopes for notebooks:
| Scope | Description |
|---|---|
Workspace | Notebooks linked to the workspace. |
Teamspace | Notebooks linked to a teamspace. |
Private | Notebooks linked to a user. |
Shared | Notebooks that are directly shared to specific users or groups. |
Roles for Notebooks
The notebook access control are determined by the roles corresponding to the access scopes (e.g., workspace.Viewer, teamspace.Editor). Therefore, notebook roles to each notebooks exist only for shared notebooks.
| Role Name | Summary |
|---|---|
notebook.shared.Editor | Can edit notebooks that are directly shared by someone. |
notebook.shared.Viewer | Can view notebooks that are directly shared by someone. |
Notebook Operations and Access Control Rules
Below are the operations that can be performed with notebooks and the corresponding roles required for each scope.
Executing SQL written in a Notebook and retrieving its results are determined by the access rights on the Connection, regardless of the access right on the Notebook itself. Therefore, please refer to the Connection page.
| Operations | scope: Workspace | scope: Teamspace | scope: Private | scope: Shared |
|---|---|---|---|---|
View notebook contents (exclude results of SQL). Comment on notebooks. | workspace.Viewer | workspace.Viewer AND teamspace.Viewer | workspace.Editor | workspace.Viewer AND notebook.shared.Viewer |
Edit notebooks (exclude running SQL). | workspace.Editor | workspace.Editor AND teamspace.Editor | workspace.Editor | workspace.Editor AND notebook.shared.Editor |
Create, move, and delete notebooks, manage folders. | workspace.Editor | workspace.Editor AND teamspace.Editor | workspace.Editor | N/A |
Share notebooks directly to specific users or groups. | N/A | workspace.Viewer AND teamspace.Editor | workspace.Editor | N/A |
Last updated