Prefect Cloud’s Custom plan offers object-level access control lists (ACLs) to restrict access to specific users and service accounts within a workspace. ACLs are supported for blocks and deployments. Organization Admins and Workspace Owners can configure access control lists by navigating to an object and clicking manage access. When an ACL is added, all users and service accounts with access to an object through their workspace role will lose access if not explicitly added to the ACL. Viewing ACL for a deployment in the Prefect Cloud UI.
ACLs and visibilityObjects not governed by access control lists such as flow runs, flows, and artifacts are visible to a user within a workspace even if an associated block or deployment has been restricted for that user.
See the Prefect Cloud plans to learn more about options for supporting object-level access control.