Access Control for Notebook

Notebook access scopes, roles, operations, access control rules.

Access Scopes for Notebook

The access control for notebooks vary depending on the access scope. There are four types of access scopes for notebooks:

Scope
Description

Workspace

Notebooks linked to the workspace

Teamspace

Notebooks linked to a teamspace

Private

Notebooks linked to a user

Shared

Notebooks that are directly shared with specific users or groups

Roles for Notebooks

Notebook access control is determined by roles corresponding to the access scopes, such as workspace.Viewer or teamspace.Editor. However, specific notebook roles like notebook.shared.Editor and notebook.shared.Viewer are only relevant for shared notebooks. These roles are used when a notebook is directly shared with specific users or groups. In other access scopes (Workspace, Teamspace, and Private), notebooks are managed by broader access permissions rather than specific roles.

Role Name
Summary

notebook.shared.Editor

Can edit notebooks that are directly shared by someone

notebook.shared.Viewer

Can view notebooks that are directly shared by someone

Notebook Operations and Access Control Rules

Below are the operations that can be performed with notebooks and the corresponding roles required for each scope.

Executing SQL written in a Notebook and retrieving its results are determined by the access rights on the Connection, regardless of the access right on the Notebook itself. Therefore, please refer to the Connection page.

Operations
scope: Workspace
scope: Teamspace
scope: Private
scope: Shared

View notebook contents (exclude results of SQL).

Comment on notebooks.

workspace.Viewer

workspace.Viewer AND teamspace.Viewer

workspace.Editor

workspace.Viewer AND notebook.shared.Viewer

Edit notebooks (exclude running SQL).

workspace.Editor

workspace.Editor AND teamspace.Editor

workspace.Editor

workspace.Editor AND notebook.shared.Editor

Create, move, delete notebooks and manage folders.

workspace.Editor

workspace.Editor AND teamspace.Editor

workspace.Editor

N/A

Share notebooks directly with specific users or groups.

N/A

workspace.Viewer AND teamspace.Editor

workspace.Editor

N/A

Last updated