In production workspaces, many teams need to allow business users, QA analysts, or operational support teams to trigger (execute) pipelines without giving them full Contributor access, which includes edit permissions. Currently, the default roles like Viewer do not allow pipeline execution, and Contributor allows full modification — creating a security and governance challenge.

Introduce an “Execute-Only” permission at the artifact (pipeline) level, which would allow users to:Trigger pipeline runs on-demand

• View execution history, logs, and run status

• Not modify the pipeline, datasets, or linked resources

This permission should be assignable at the individual pipeline level, so users can be restricted to only the pipelines they are authorized to execute.