Hi! If I want to have user specific access to Secrets in prefect cloud I need to use enterprise subscription, correct?

There is no specific UAC on secret blocks - more so workspaces - so typically only certain users have access to a production workspace

Correct - but RBAC permissions are only "View blocks" or "Create/edit/delete blocks". I don't believe we give the ability to control individual block access (yet). In Organization or Enterprise tier you have the runner role which is limited to starting & viewing flows.

How would you implement multiple users having access to prod workspace, but when they run flows they should use secrets that are connected to their user?

not sure I quite understand your end goal

user A and B both have access to some production database. When user A runs the prefect flow (locally), the credentials of user A should be used. E.g we want to be able to see who accessed our production db at which point

can use a .env file locally without loading a block

yes I mean it can be done without Prefect Secrets, I found it to be quite convenient.

nothing stopping you dynamically loading a different block using some other value from somewhere - as long as all the blocks have the same kv's should be ok

you mean having two blocks like "credentials-userA" and "credentials-userB"? Nothing would stop user A from using credentials of user B

true true

@Taylor Curran, do you know how I would adapt this to my pattern possibly?