Airplane's permissioning system allows for fine-grained, role-based access control for small and large organizations alike.


Permissions can be assigned directly to users or to groups of users. It's recommended that you assign permissions to groups instead of users, so that new users simply have to be added to the right group(s) instead of individual tasks, runbooks, etc.
For more information, see Groups.

Team permissions

By default, users on teams have limited permissions. Tasks and runbooks with permissions set to "team access" can be viewed and executed by users.
For elevated permissions, groups can be assigned roles:
  • Team admin, has full control over the team including users, permissions, and updating tasks/runbooks.
  • Team developer, has similar access to team admin minus user management.
Users can be added to groups to inherit these permissions. (Note that, at this time, users can't be directly assigned team-level roles and must be added to a group.)
See Team roles for details.

Task and runbook permissions

When creating/editing a task or runbook, click Advanced to configure granular group-based or user-based permissions for the task:
There are four roles that any user or group can be assigned for a task:
  • Viewers can see task/runbook information, but can't request or execute tasks/runbooks.
  • Requesters have all the permission of viewers, and can also request tasks/runbooks.
  • Executers have all the permissions of requesters, and can also execute tasks/runbooks and others' requests.
  • Admins have full access to the task/runbook, and can change configurations and permissions.

Run and session permissions

When executed, tasks and runbooks produce runs and sessions, respectively, and these can have granular permissions assigned to determine who can view them.
The default permissions for a run can either be set to task-viewers or task-participants:
  • Task viewers (default) Anyone who can view the task can also view the run. This means that if the task is team-accessible, the run can be viewed by anyone on the team. If the run has explicit permions enabled, all Viewers on the task can also view any run of the task.
  • Task participants Can only be viewed by those who execute, request, or approve the run. This is useful for runs that contain sensitive information, such as credentials, that should only be viewed by those who are directly involved in the run, and not by anyone who can view the task.
The default permissions for a runbook session is always Session viewers which has the same behavior as Task viewers.
// my_task.airplane.ts
export default airplane.task(
slug: "my_task",
defaultRunPermissions: "task-participants",
async () => {...}
Once a run is created, its permissions can be edited from the sidepanel (e.g. select "Shared with team"):
This is helpful if you have a locked-down task or runbook but want to selectively share the run or session output with specific users or groups:

Requests and approvals

The Requester role allows for a balance between safety and access. For a given task or runbook, a Requester can find that task in Airplane, fill out the parameters, but instead of running it directly, the task/runbook must then get approved by an Executer or Admin. The "Requests" page in the top navbar shows you a list of requests that you've sent as well as those from your teammates that require your approval: