https://pulumi.com logo
#general
Title
# general
o

orange-tailor-85423

11/16/2018, 7:47 PM
Does SSO via AD give you the ability to start creating teams in Pulumi that aren't tied to Github teams?
w

white-balloon-205

11/16/2018, 7:50 PM
Great questions. SSO via AD does support teams at the AD level, not GitHub level. In the near term though, if your users are members of both GitHub orgs, things should "just work" here. That scenario is pretty common, and allows each org to set policy independently.
o

orange-tailor-85423

11/16/2018, 10:36 PM
ok
just not understanding how that works in the UI
if I try to add another org it wants me to sign up
w

white-balloon-205

11/16/2018, 10:38 PM
That's right - each GitHub org would need to sign up for a Pulumi subscription. Once they are signed up, users who are members of both orgs will see both orgs (along with their personal "org") listed in the "Select Organization" drop down in the Pulumi console UI.
o

orange-tailor-85423

11/16/2018, 10:55 PM
ok
in the meantime though, a Github org = Pulumi org
in essence
@white-balloon-205 with regards to RBAC in Pulumi - within the UI will it enumerate all domain groups? What's the nature of that connection? Finding out in advance because it will mean wrangling with corporate IT
w

white-balloon-205

11/19/2018, 5:04 AM
Sorry for the delay.
will it enumerate all domain groups
Do you mean for SAML/AD integration? We are using SCIM (https://tools.ietf.org/html/draft-ietf-scim-api-19) to sync user/group information.