Does SSO via AD give you the ability to start creating teams in Pulumi that aren't tied to Github teams?
11/16/2018, 7:50 PM
SSO via AD does support teams at the AD level, not GitHub level.
In the near term though, if your users are members of both GitHub orgs, things should "just work" here. That scenario is pretty common, and allows each org to set policy independently.
11/16/2018, 10:36 PM
just not understanding how that works in the UI
if I try to add another org it wants me to sign up
11/16/2018, 10:38 PM
That's right - each GitHub org would need to sign up for a Pulumi subscription. Once they are signed up, users who are members of both orgs will see both orgs (along with their personal "org") listed in the "Select Organization" drop down in the Pulumi console UI.
11/16/2018, 10:55 PM
in the meantime though, a Github org = Pulumi org
@white-balloon-205 with regards to RBAC in Pulumi - within the UI will it enumerate all domain groups? What's the nature of that connection? Finding out in advance because it will mean wrangling with corporate IT