🔐Security

General security

Terrakube security is based organizations and groups.

All Dex connectors that implement the groups claims can be used inside Terrakube.

An organization can have one or multiple groups and each group have different kind of access to manage the following options:

  • Module

    • Manage terraform modules inside an organization

  • VCS

    • Manage private connections to different VCS like Github, Bitbucket, Azure DevOps and Gitlab and handle SSH keys

  • Template

    • Manage the custom flows written in Terrakube Configuration Language when running any job inside the platform

  • Workspaces

    • Manage the terraform workspaces to run remote terraform operations.

  • Providers

    • Manage the terraform providers available inside the platform

Adding a group to an organization will grant access to read the content inside the organization but to be able to manage any option like module, workspace, templates or providers or VCS a Terrakube administrator will need to grant it

Administrator group

There is one special group inside Terrakube called TERRAKUBE_ADMIN, this is the only group that has access to create organizations and grant access to a teams to manage different organization features, you can also customize the group name if you want to use a different name depending on which Dex connector you are using when running Terrakube.