Role-based access control (RBAC)
You can control who has different types of access to the Workspace in a project. Create/edit a Role, and select the "Infrastructure as Code Management" section
For each Role, you can define the following set of permissions:
- View - Permitting users to view the Workspaces in the project
- Create/Edit - Permitting users to create and edit Workspaces in the project
- Delete - Permitting users to delete Workspaces in the project
- Edit Variables - Permitting users to create and edit Environment and Terraform variables
- Delete Variables - Permitting users to delete Environment and Terraform variables
- Approve - Permitting users to approve the Infrastructure Stage (using the approval step)
- Access State - Permitting users to view the state (including historical revisions)
Using Resource Groups
You can utilize Resource Groups functionality to specify which users can access a specific Workspace. For this, create a resource group, add the specific (or all) Workspaces, and bind it to a specific user or user group.
To learn more about Resource Groups, go to this documentation