Team Visibility Settings for Terraform Enterprise and Cloud
We are excited to announce team visibility settings for Terraform Enterprise and Cloud. These settings provide an improved workflow to delegate ownership of workspaces and manage access for specific teams.
Previously, a workspace admin would only be able to view teams that they were a member of. For customers with functional teams that span many workspaces, this would mean coordination between individuals to agree on the best way to temporarily invite someone to a team, add that team to a workspace, and then restore the memberships to the original state.
In addition to being a little cumbersome, it also created a brief window where someone was granted a level of privilege to Terraform Enterprise and Cloud that was above what they should have required.
Today, all teams within Terraform Enterprise and Cloud now have a “visibility” setting which can be one of two states:
- Secret (default): Only team members and organization owners can read a team and its membership. This is the same behavior that existed before.
- Visible: Every user in the organization can see the team and its membership on the Teams page.
Workspace admins are now able to see all teams that are set to visible, and can add those teams to a workspace without needing to be a member of the team.
We’ve also seen instances where customers are managing team access via the API, for example enabling them to automatically grant oversight of all new workspaces to their internal InfoSec or Compliance teams. In some of these instances it is preferable to keep this detail, and the individuals within those teams, hidden from view. So we’ve retained the existing behavior which allows teams to be secret.
»Changing a team’s visibility setting
A team's visibility can be changed by any organization owner under the team's settings page:
»Learn more
The full details on managing team settings can be found in the Terraform Team documentation. In addition, we’ve updated the API documentation to include information on how to manage these settings via the API.
For more information on Terraform Cloud and Terraform Enterprise or to get started with your free trial, visit the Terraform product page. To learn more about Terraform visit the HashiCorp Learn platform and see it in action.
Sign up for the latest HashiCorp news
More blog posts like this one
Terraform Cloud adds new Sentinel policy review UI
Introducing a more efficient, streamlined way of managing policy as code workflows in Terraform Cloud.
Dynamic provider credentials now generally available for Terraform Cloud
Terraform’s dynamic provider credentials enable secure, short-lived authentication for HashiCorp Vault and cloud providers.
Terraform 1.4 improves the CLI experience for Terraform Cloud
Terraform 1.4 is now generally available, featuring enhanced run output in Terraform Cloud, support for OPA policy results in the CLI, and a native replacement for the null resource.