Terraspace Cloud Permissions: Review Permissions
Terraspace Cloud Permissions are designed to be quite flexible and is designed to work with the way Terraspace works.
With a terraspace project, you define stacks and deploy different instances of these stacks like one for
TS_ENV=prod. The system is allows you to finely scope these permissions.
|projects||Your terraspace project name is configured with a config, IE:
|envs||This allows you to target which environments, IE:
|apps||This allows to target which applications, users have permissions and access to. If you’re leveraging the Terraspace
|stacks||This allows to target which stacks, users have permissions and access to. This is the stack being deploy. IE:
Example: dev and prod team
A decent starting set of permissions is to create 2 teams: dev and prod.
dev team permissions:
projects=* envs=dev apps=* stacks=*
prod team permissions:
projects=* envs=prod apps=* stacks=*
- Then assign only users who should have access to dev to the dev team.
- Assign users will access to both dev and prod to both dev and prod teams.
Next, we’ll create a user token.