The current permission group system within Fivetran lacks granular control over connector-level actions. Specifically, the ability to define custom permissions for "Create," "Read," "Update," and "Delete" operations is currently limited. This restriction hinders organizations from implementing fine-grained access control policies for their data integration workflows.

Problem:

• Limited Granularity: The existing "Edit" permission group often provides more access than desired. For example, users with "Edit" permissions may inadvertently or maliciously delete connectors, which can disrupt data pipelines and cause data loss.
• Inflexible Permissions: The inability to exclude specific operations (e.g., "Delete") within a permission group limits the ability to enforce security best practices and tailor access control to specific roles and responsibilities.
• Reduced Security Posture: The lack of fine-grained control increases the risk of unauthorized modifications or deletions of critical connectors, potentially impacting data integrity and operational stability.

Proposed Solution:

Introduce more granular permission controls for connectors within Fivetran, allowing administrators to:

• Define custom permission sets: Create and manage custom permission sets that include or exclude specific operations ("Create," "Read," "Update," "Delete") for each connector.

Benefits:

• Improved Security: Enhanced control over connector-level actions will significantly improve the security posture of Fivetran deployments.
• Increased Flexibility: Organizations can tailor access control to specific roles and responsibilities, aligning with their security policies and operational needs.
• Reduced Risk: Minimize the risk of unauthorized modifications or deletions of critical connectors, improving data integrity and operational stability.
• Enhanced User Experience: Provide a more intuitive and flexible user experience for managing connector permissions.

Technical Considerations:

• Implementation: Develop a robust and scalable mechanism for defining, managing, and enforcing custom connector permissions.
• User Interface: Design an intuitive user interface for creating, assigning, and managing custom permission sets.
• Documentation: Provide comprehensive documentation and support for the new permission control features.

Conclusion:

Implementing these enhanced permission controls will be a valuable addition to the Fivetran platform, providing organizations with greater flexibility, security, and control over their data integration workflows.