User management documentation #288
Draft
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jakubdal
reviewed
Jul 19, 2023
docs/getting-started.md
Outdated
|
|
||
| Name the policy and select "Login policy" as the type. | ||
| !!! note | ||
| It's important to know that all invites sent and access rules assigned won’t work until you [change management](concepts/user-management/README.md#migrating-from-login-policy) strategy from login policy to user management. |
There was a problem hiding this comment.
all invites sent -> all invites issued - they'll be sent only after changing the strategy. Probably worth a note.
I'd make [change user management strategy] a link (longer hyperlink text message).
docs/integrations/chatops/slack.md
Outdated
| Using Manage Slack access page is another way to control access for the Slack integration. Using this method you can control who can access stacks which are in a specific [Space](../../concepts/spaces/README.md) and based that access on specific Slack channel. | ||
|
|
||
| !!! warning | ||
| It's important to know that all access rules assigned won’t work until you [change management](../../concepts/user-management/README.md#migrating-from-login-policy) strategy from login policy to user management. |
KNiepok
reviewed
Jul 19, 2023
| @@ -0,0 +1,42 @@ | |||
| # User Management | |||
|
|
|||
| Spacelift is made for collaboration. In order to collaborate, you need collaborators. User Management is an easy way to invite new members to your organization and manage their permissions, together with third-party integrations and group access. If you prefer to write a policy rather than using our UI, please check [Login Policy](../policy/login-policy.md). | |||
There was a problem hiding this comment.
Suggested change
| Spacelift is made for collaboration. In order to collaborate, you need collaborators. User Management is an easy way to invite new members to your organization and manage their permissions, together with third-party integrations and group access. If you prefer to write a policy rather than using our UI, please check [Login Policy](../policy/login-policy.md). | |
| Spacelift is made for collaboration. In order to collaborate, you need collaborators. User Management is an easy way to invite new members to your organization and manage their permissions, together with third-party integrations and group access. If you prefer to write a policy rather than using our UI, please check out [Login Policies](../policy/login-policy.md). |
|
|
||
| ## Roles | ||
|
|
||
| User Management works by setting one of the following roles for users, groups and integrations for selected [Spaces](../spaces/README.md). |
There was a problem hiding this comment.
Maybe we should define what integrations mean, or just link to the integrations section?
|
|
||
| User Management works by setting one of the following roles for users, groups and integrations for selected [Spaces](../spaces/README.md). | ||
|
|
||
| - **Read** - cannot create or modify neither stacks nor any attachable entities, but can view them |
There was a problem hiding this comment.
Suggested change
| - **Read** - cannot create or modify neither stacks nor any attachable entities, but can view them | |
| - **Read** - cannot create or modify stacks or any attachable entities, but can view them |
| User Management works by setting one of the following roles for users, groups and integrations for selected [Spaces](../spaces/README.md). | ||
|
|
||
| - **Read** - cannot create or modify neither stacks nor any attachable entities, but can view them | ||
| - **Write** - an extension to Read, as it can trigger runs in the stacks it sees |
There was a problem hiding this comment.
Suggested change
| - **Write** - an extension to Read, as it can trigger runs in the stacks it sees | |
| - **Write** - can perform actions like triggering runs, but cannot create or modify Spacelift resources |
| The displayed Role badge is different than the space access role. It describes the user's role within the organization, instead of specific space permissions. This badge can have one of three values: | ||
|
|
||
| - **OWNER** - account admin, SSO admin or GitHub organization being the owner of an account. | ||
| - **ADMIN** - a user who has direct admin permissions to **root** space. This badge does not take group or integration permissions into account. |
There was a problem hiding this comment.
Suggested change
| - **ADMIN** - a user who has direct admin permissions to **root** space. This badge does not take group or integration permissions into account. | |
| - **ADMIN** - a user who has direct admin permissions to the **root** space. This badge does not take group or integration permissions into account. |
|
|
||
| ### Slack integration | ||
|
|
||
| After setting up [Slack integration](../../integrations/chatops/slack.md) you can also grant permissions to entire Slack channels after selecting **Integrations** tab and clicking **Manage access** button in Slack card. You can input a human-readable name along the Slack channel ID. You can then add Space permissions the same way you would for Users and Groups. |
There was a problem hiding this comment.
Suggested change
| After setting up [Slack integration](../../integrations/chatops/slack.md) you can also grant permissions to entire Slack channels after selecting **Integrations** tab and clicking **Manage access** button in Slack card. You can input a human-readable name along the Slack channel ID. You can then add Space permissions the same way you would for Users and Groups. | |
| After setting up the [Slack integration](../../integrations/chatops/slack.md) you can also grant permissions to entire Slack channels after selecting **Integrations** tab and clicking **Manage access** button in Slack card. You can input a human-readable name along the Slack channel ID. You can then add Space permissions the same way you would for Users and Groups. |
docs/getting-started.md
Outdated
|
|
||
| ### Login policy | ||
|
|
||
| Another way of adding users to Spacelift is using login policy. |
There was a problem hiding this comment.
Suggested change
| Another way of adding users to Spacelift is using login policy. | |
| Another way of adding users to Spacelift is using a login policy. |
docs/getting-started.md
Outdated
|
|
||
| Another way of adding users to Spacelift is using login policy. | ||
|
|
||
| Go to the "Organization settings" page that can be found in the user dropdown in the bottom of the left sidebar. Once you there, choose "Login policy" from settings menu and click the "Create policy" button in the top-right corner. |
There was a problem hiding this comment.
Suggested change
| Go to the "Organization settings" page that can be found in the user dropdown in the bottom of the left sidebar. Once you there, choose "Login policy" from settings menu and click the "Create policy" button in the top-right corner. | |
| Go to the "Organization settings" page that can be found in the user dropdown in the bottom of the left sidebar. Once there, choose "Login policy" from settings menu and click the "Create policy" button in the top-right corner. |
docs/integrations/chatops/slack.md
Outdated
| @@ -143,6 +141,19 @@ space_write["Y"] { | |||
| } | |||
| ``` | |||
|
|
|||
| ### Manage Slack access page | |||
|
|
|||
| Using Manage Slack access page is another way to control access for the Slack integration. Using this method you can control who can access stacks which are in a specific [Space](../../concepts/spaces/README.md) and based that access on specific Slack channel. | |||
There was a problem hiding this comment.
Suggested change
| Using Manage Slack access page is another way to control access for the Slack integration. Using this method you can control who can access stacks which are in a specific [Space](../../concepts/spaces/README.md) and based that access on specific Slack channel. | |
| Using the Manage Slack access page is another way to control access for the Slack integration. Using this method you can control who can access stacks which are in a specific [Space](../../concepts/spaces/README.md) and base that access on a specific Slack channel. |
|
Your Render PR Server URL is https://spacelift-user-documentation-pr-288.onrender.com. Follow its progress at https://dashboard.render.com/static/srv-ck4oltcnli2s73d0skbg. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of the change
Add user management docs
Checklist
Please make sure that the proposed change checks all the boxes below before requesting a review:
mainbranch.If the proposed change is ready to be merged, please request a review from
@spacelift-io/solutions-engineering. Someone will review and merge the pull request.Spacelift employees should request reviews from the relevant engineers and are allowed to merge pull requests after they got at least one approval.
Thank you for your contribution! 🙇