Create and Assign non-admin roles to users
It is now possible to create roles and assign users to those roles. You can now restrict access to configuration tab - secrets, privilege to invite new users, integrations within the CD-as-a-Service portal. Creating roles can be done by creating an armory config file as shown below. Documentation for the feature is still in progress, but you can use the syntax shown here to create new roles.
roles: - name: Potato Facts Role tenant: main grants: - type: api resource: deployment permission: full - name: Potato Lies Role tenant: main grants: - type: api resource: organization permission: full
The file can live in your source control and be applied to armory by using the armory CLI command
armory config apply -f config.yaml
Users can be assigned roles when they are being invited, or can be assigned new roles from the Users tab. Only admin users can view the Configuration tab in the CD-as-a-Service UI.
Users signing in with SSO will get the permissions of any roles that have the same name as one of their groups.