What is Model contracts and access controls in dbt?

dbtdata~5 mins

Model contracts and access controls in dbt

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Introduction

Model contracts help ensure data quality by defining clear expectations for data models. Access controls keep data safe by limiting who can see or change it.

When you want to make sure your data models always have the right columns and data types.

When multiple people work on data models and you want to avoid mistakes.

When you need to protect sensitive data from unauthorized users.

When you want to track who can update or view specific data models.

When you want to automate checks to catch errors early in your data pipeline.

Syntax

dbt

version: 2
models:
  - name: your_model_name
    columns:
      - name: column_name
        tests:
          - not_null
          - unique
    access:
      grants:
        - select: [user_or_role]
        - insert: [user_or_role]

The version: 2 is required for dbt schema files.

Model contracts are defined in the schema.yml file alongside tests and access controls.

Examples

This example sets a contract that customer_id cannot be null or duplicated. Only users with analyst_role can select data from this model.

dbt

version: 2
models:
  - name: customers
    columns:
      - name: customer_id
        tests:
          - not_null
          - unique
    access:
      grants:
        - select: [analyst_role]

This example requires sale_amount to have values and allows the sales team to view data but only data engineers to insert new data.

dbt

version: 2
models:
  - name: sales
    columns:
      - name: sale_amount
        tests:
          - not_null
    access:
      grants:
        - select: [sales_team]
        - insert: [data_engineer]

Sample Program

This schema file defines a model contract for the orders model. It checks that order_id is unique and not null, and order_date is not null. It also controls access so only the reporting team can view data and only data admins can update it.

dbt

version: 2
models:
  - name: orders
    columns:
      - name: order_id
        tests:
          - not_null
          - unique
      - name: order_date
        tests:
          - not_null
    access:
      grants:
        - select: [reporting_team]
        - update: [data_admin]

OutputSuccess

Important Notes

Model contracts help catch data issues early by running tests automatically.

Access controls in dbt depend on your data warehouse permissions; dbt helps organize them but actual enforcement is done by the warehouse.

Keep your contracts and access controls updated as your data and team change.

Summary

Model contracts define rules for data quality in your dbt models.

Access controls limit who can see or change your data models.

Both help keep your data reliable and secure.