Greetings.
In our environment, we are looking to limit the access to certain projects or variables to new users who will begin to use our Octopus Server, but in the User Role section I can only see space-related roles, is there a way to restrict projects and their variables by user roles or another feature? if there isn’t, the only way would be separate those projects in different spaces with their unique user roles?
I really appreciate any help you can provide.
Hey Andres, hope all is well!
Let me ask you a couple of questions to make sure I understand where you’re coming from.
Is your ultimate goal is to have a more restrictive set of permissions for new users, but eventually move them to a more normalized set of permissions with broader access (For example, moving someone from Onboarding Developer (permissions only in dev environment) to Standard Developer/Lead Developer (permissions in dev/test/staging, as an example)) ? Or is your goal to have a specific group of individuals with more restrictive sets (for example, business analysts, who may need dashboard visibility, but not deployment/variable permissions)?
Look forward to hearing back and working through your goals! In the meantime, I can wholeheartedly recommend reading this excellent best practices guide around users, roles and teams. It even includes some sample RBAC approaches that match common requests we’ve seen, which can be helpful for wrapping your head around the Octopus permissions model.
Thanks for the response! My objective is as you mention, I would like to have specific groups of individuals with more restrictive sets without moving too much in time.
Based on the link you provide me, the right answer appears to be the use of teams with their respective User Roles and Scopes so I will be testing it from now on, thank you very much.
Yeah, you’re spot on. Creating teams with their own user role scopes is the recommended method for managing complex requirements across teams.
Give it a shot, and feel free to reach out if you run into any issues or troublesome spots - we’re happy to assist!