Job permissions management

With dbx you can manage permissions of your job during the dbx deploy step. Please note that dbx uses Permissions API under the hood, so your permission settings should follow that API description.

We’re using the PUT method of this API method to make the deployment process consistent.

To enable permission settings during deploy, simply add "permissions" section into your job definition. Please note that payload under this section shall be compliant with Permissions API.

{
    "<environment-name>": [
        {
            "name": "some-job-with-permissions",
            // this section shall have a permissions key
            "permissions": // here goes payload compliant with Permissions API
            {
                "access_control_list": [
                    {
                        "user_name": "some_user@example.com",
                        "permission_level": "IS_OWNER"
                    },
                    {
                        "group_name": "some-user-group",
                        "permission_level": "CAN_VIEW"
                    }
                ]
            }
        }
    ]
}

environments:
  <environment-name>:
    strict_path_adjustment_policy: true
    jobs:
      - name": "some-job-with-permissions"
        ## this section shall have a permissions key
        permissions:
          ## here goes payload compliant with Permissions API
          access_control_list:
            - user_name: "some_user@example.com"
              permission_level: "IS_OWNER"
            - group_name: "some-user-group"
              permission_level: "CAN_VIEW"

Note that the access control list must be exhaustive, so the job owner should be added to the list as well as added users/user groups permissions.