Permission

Description

CDS permissions system uses a Role-based Access Control (RBAC).

You will be able to manage all CDS resources, included ascode resources. For example, if a user updates your workflow files on your repository but doesn’t have permission to do so, his changes will be discarded.

You can manage permissions on all CDS resources through 5 sections:

CLI

Permissions can be managed by CDS cli.

Permission

You need the permission manage-permission to be able to created/update/delete a permission

Yaml Example

name: my-full-permission
global:
  - role: manage-permission
    users: [foo]
hatcheries:
  - role: start-worker
    region: nyc-infra
    hatchery: my-swarm-hatchery
projects:
  - role: read
    all: true
    users: [foo]
    groups: [grpFoo]
  - role: manage-workflow
    users: [foo]
    projects: [PROJ_KEY1, PROJ_KEY2]
regions:
  - role: execute
    region: nyc-infra
    all_users: true
    organization: US
workflows:
  - role: trigger
    all_users: true
    project: PROJ_KEY1
    all_workflows: true
    users: [foo]