https://pulumi.com logo
g

gifted-island-55702

12/27/2018, 9:44 PM
7. What level of granularity for stack outputs access permissions is available in pulumi? Is it possible to control it on an output-level or is it on stack level?
w

white-balloon-205

12/27/2018, 9:46 PM
Do you mean via RBAC? Currently it is per-stack. Definitely interested in scenarios that require finer granularity, and expect to add more granularity as needed to support customer use cases.
g

gifted-island-55702

12/27/2018, 9:50 PM
I am still exploring a design of pulumi projects/stack structure. What I am thinking right now is to have a single “admin”/umbrella pulumi project to manage GCP folders and other organisation data resources for all the business projects/teams and then delegate/give permissions to specific outputs from a set of resources (e.g. related to a single business project) to people from that business project team.