The legacy Permissions Management (RBAC) system will be deprecated on October 31, 2026. RudderStack recommends completing your migration before this date.
Data Privacy (PII) permissions follow the same import strategy:
Import members: Data Privacy permissions from legacy member roles and allowlists are not preserved. You will need to review and configure PII permissions in the staging area before deploying the new Access Management system.
Import members with policies: Existing Data Privacy permissions are imported as part of each member’s workspace policy mapping. Members on a workspace’s Data Privacy allowlist receive workspace-wide PII permissions for Event Stream Sources, Destinations, and Transformations.
Make sure you’ve reviewed and configured all permissions correctly before deploying. After deployment, the new Access Management system will be active and the legacy RBAC system will no longer be available.
Review your staging area configuration to ensure all access policies are configured correctly.
In the Migration Progress section, click Deploy.
Confirm the deployment when prompted.
Once migration is complete, you will see the following banner:
After migration, you can use the new Access Management system to change access policies — updates apply in the workspace immediately.
Manage permissions after migration
Once migration is complete, you can:
Configure your Baseline Workspace Policy that automatically applies to all new members joining that workspace
During migration, the new Access Management system is in Preview Mode — a staging area where you configure and preview policies before deployment. The dashboard shows a Preview Mode badge on the Access Management page while you are in staging.
In Preview Mode, you can:
Review how your current permissions map to the new system
Until you deploy, your existing RBAC permissions remain in effect for all live access.
In Preview Mode, new members invited through the Access Management system will not get workspace access until you deploy. To invite users immediately, use the Invite users flow in the RBAC system.
Click Reset staging area to clear all imported members and policy configurations and restart the migration process from scratch.
Troubleshooting
Issue
Solution
Import fails or does not complete
Try resetting the staging area and import again
Deploy button is disabled
Make sure the import step has completed successfully
Permissions don’t match expectations
Make sure you have selected the right import strategy. Reset the staging area and try again, if required
Review the How Migration Works guide to understand how permissions are mapped
You can also adjust member policies after deployment
See more
How Migration Works: Learn about the technical process of migration and what happens after deployment
This site uses cookies to improve your experience while you navigate through the website. Out of
these
cookies, the cookies that are categorized as necessary are stored on your browser as they are as
essential
for the working of basic functionalities of the website. We also use third-party cookies that
help
us
analyze and understand how you use this website. These cookies will be stored in your browser
only
with
your
consent. You also have the option to opt-out of these cookies. But opting out of some of these
cookies
may
have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This
category only includes cookies that ensures basic functionalities and security
features of the website. These cookies do not store any personal information.
This site uses cookies to improve your experience. If you want to
learn more about cookies and why we use them, visit our cookie
policy. We'll assume you're ok with this, but you can opt-out if you wish Cookie Settings.
