Ability to manage granular workspace permissions for teams #847
Comments
|
If you add a team to an organization and you don't select any permission, it will be like the same effect it will only have "read access" |
Correct - I think this more like, could we extend a single organization to support several RBAC's instead of having to sprawl to another org when we want multiple "Workspace Management" Teams that will manage different subsets of workspaces. |
|
That could be an improvement, but I think it will require a lot of changes because of the way the java framework (elide) that we are using manage the access permission for that part of the code. If you want to do some automation for the team and org configuration maybe you can use the Terrakube provider as an alternative if you need to manage a lot of orgs and teams https://registry.terraform.io/providers/AzBuilder/terrakube/latest/docs/resources/team |
Okay - that is a fair point. Then I would pivot to say, as an |
|
Yeah that could a small change in the UI I like that idea. It will only need to update this part of the react code I guess https://github.com/AzBuilder/terrakube/blob/main/ui/src/domain/Home/MainMenu.jsx |
alfespa17
added
terrakube-ui
help wanted
^ This would be a really nice feature-add! |
Feature description 💡
Instead of manage workspace permission, two new permissions are added:
Each permission has the ability to select the workspaces that apply to that permission
ex.
Team 1 Admin of Terrakube: Has the ability to view/manage all workspaces
Team 2 Admin of X amount of workspaces
Team 3 Read of X amount of workspaces
This helps filter out larger organization and manage RBAC at the workspace level
Anything else?
No response
The text was updated successfully, but these errors were encountered: