Workspace RBAC
Users are able to control who have different types of access to the Workspace in a project. in order to do that, create/edit a Role, and select the "Infrastructure as Code Management" section
For each Role, you can define the following set of permissions:
- View - Giving users the permission to view thw Workspaces in the project
- Create/Edit - Giving users the permission to create and edit Workspaces in the project
- Delete - Giving users the permission to delete Workspaces in the project
- Edit Variables - Giving users the permission to create and edit Environment and Terraform variables
- Delete Variables - Giving users the permission to delete Environment and Terraform variables
- Approve - Giving users the permission to approve Infrastructure Stage (using the approval step)
- Access State - Giving users the permissions to view the state (including historical revisions)
Using Resource Groups
Users can utilize Resource Groups functionality to specify which users can access a specific Workspace. To do that, users should create a resource group, add the specific (or all) Workspaces, and bind it to a specific user or user group.
To learn more about Resource Groups, refer to this documentation