Add Roles to Group via PachCTL
Before You Start #
- You must have an active Enterprise key
- You must have an Authentication Provider (IdP) set up that supports groups
- Review the Access Control (RBAC) Roles & Permissions.
- Confirm you have the right role(s) to grant a user access to a given resource (e.g., you have the
projectOwnerrole on a given project you wish to add other users to)
How to Assign Roles to a Group #
This guide uses Auth0 and assumes resources (projects, repositories) have already been created in your cluster.
-
Enable group management in your IdP of choice .
-
Update your connector config to include the appropriate attributes.
-
Update the config by running the following command:
pachctl idp update-connector <connector-id> --version 2 -
Grant the group roles by running the following command:
pachctl auth set <resource-type> <resource-name> <role-name> group:<group-name> -
Confirm the group’s roles were updated for the given resource:
Tip
pachctl auth get-groups lists the groups that have been defined on your cluster.