Teams

The Pulumi Console offers role-based access control (RBAC) using teams. Teams allow organization admins to assign a set of stack permissions to a group of users.

Creating a Team

By default, all organization admins can create new teams.

To create a team:

  1. Navigate to Teams.
  2. Select Create team.

To give members permission to create teams:

  1. Navigate to the organization’s Settings.
  2. Navigate to Access Management.
  3. Use the toggle to turn on the Allow organization members to create teams setting.

GitHub-based Teams

If your Pulumi organization is backed by GitHub, you can import your existing GitHub teams into Pulumi.

For these teams, membership is managed on GitHub, while the set of stack permissions granted to team members is managed on the Pulumi Console.

Importing a GitHub-based team

Team Permissions

By default only organization admins can create teams.

To allow all members to create teams:

  1. Navigate to the organization’s Settings.
  2. Navigate to Access Management.
  3. Use the toggle to turn on the Allow organization members to create teams setting.

Granting Access to Stacks within Teams

Teams can be granted access to stacks, which grants all team members access to those stack based on the selected permission level.

Editing team stacks and permissions

Team Roles

Members of a team can be granted Team admin or Team member permissions. Team admins can add members to a team. By default, any new team members will be assigned the team member role.

To change a team member’s role:

  1. Navigate to Teams and then the specific team.
  2. In the Members section use the ellipsis menu item at the end of the table row and select Change role to.