Other: Granular, Resource-Level Access Control for Connectors and Destinations in Fivetran RBAC
Not planned

Currently, Fivetran's RBAC system provides permissions that are applied globally at the account, connector, and destination levels. However, our organization requires more granular control to achieve the following functionality:
- Create New Connectors and Destinations: Users should be able to create new connectors and destinations.
- Manage Own Connectors and Destinations: Users should be able to manage only the connectors and destinations they have created.
- View Others' Connectors and Destinations: Users should be able to view connectors and destinations created by others, but not manage them.
The current RBAC model, even with custom roles, does not allow us to apply these permissions at the resource level. Permissions are still granted at a global level, meaning that if a user has management permissions, they will have control over all connectors and destinations, not just their own.
Use Case:
We are managing multiple teams and need to ensure that users can:
- Create and manage only their own connectors/destinations.
- View but not modify connectors/destinations created by others.
Benefit:
This would enable more granular, secure, and flexible access control for teams using Fivetran, allowing them to collaborate without inadvertently giving one team or user access to resources that belong to others.
Current Workaround:
While waiting for this feature, we are manually granting Manage access to specific connectors/destinations and keeping all other connectors in a View-only state for users. This process is inefficient and not scalable as the number of connectors and destinations grows.
Request:
Please consider adding resource-level access control to Fivetran's RBAC system for more flexible and secure management of connectors and destinations. This would be a crucial enhancement for organizations like ours that need to maintain fine-grained access control.
-
Official comment
Hi Vaibhav,
Thanks for the detailed request. This feature is not currently on our roadmap. We track and prioritize demand for enhancements through user feedback and upvotes; each upvote on this request strengthens the case for future development.
Thanks!
Amy
-
Interesting idea. My team was able to accomplish essentially what you describe by using SSO-sync'd groups and pre-defined Fivetran roles, which differentiate permissions at account, destination, and connector level. At one point, however, we did make use of a Fivetran custom role. In your case, you might find what you want by exploring an account-level custom role, which gives you the option of 'manage/view/none' at account, destination, or connectors level.