Workspace Admin
roleTerraform resource | bytebase_iam_policy |
Sample file | 7-1-workspace-iam.tf |
7-1-workspace-iam.tf
with workspace-level permissions:
allUsers
is a special member representing everyone in the workspace. Without it, users may be
unable to access the workspace.admin@example.com
: Workspace Admintf@service.bytebase.com
: Workspace Admindba@example.com
, dba2@example.com
: Workspace DBAallUsers
: Workspace MemberQA Team
group has Project Viewer
role for ALL projects
Terraform resource | bytebase_iam_policy |
Sample file | 7-2-project-iam.tf |
7-2-project-iam.tf
for project-specific permissions:
2027-07-10T16:17:49Z
is an ISO 8601 UTC timestamp. Our system uses PostgreSQL to store metadata,
where this value is stored as a timestamptz
.QA Team
: Project Viewer
(inherited from workspace)Terraform Service Account
: Project Owner
(as creator)Developer 1
.
dev1@example.com
in a new browser/incognito window.Prod > Prod Sample Instance > hr_prod
.
employee
table - Should worksalary
table - Should workdepartment
table - Should fail with permission errorprojectViewer
) apply to ALL projects