Open AlexisDaciuk opened 1 month ago
Hey @AlexisDaciuk ,
Giving multiple principals access to a resource requires multiple TwingateResourceAccess
objects.
Each object represents a single edge betweena resource and a principal.
Turning principalExternalRef
into plural principalExternalRefs
is an interesting idea though...
Will keep this issue open as a feature request for that
Thanks for the clarification
I am looking into automating the deploy of Twingate Resources using Helm and ArgoCD and looking for a easy way to give access to multiple groups
Turning it into principalExternalRefs should make it easier from the Helm side of things
Maybe will help somebody, I was able to make it work with helm
With .Values.twingate.groups
being a String list
{{- range $name := .Values.twingate.groups }}
---
apiVersion: twingate.com/v1beta
kind: TwingateResourceAccess
metadata:
name: {{ $.Values.metadata.name }}-{{ $name | lower | nospace }}
namespace: {{ $.Values.metadata.namespace }}
spec:
resourceRef:
name: {{ $.Values.metadata.name }}
namespace: {{ $.Values.metadata.namespace }}
principalExternalRef:
type: group
name: {{ $name }}
{{- end }}
What is missing?
Examples of real life use cases of various Twingate resources
Why do we need it?
So no one needs to open a Github issue asking for syntax help
Environment
Twingate Kubernetes Operator version:
https://github.com/Twingate/kubernetes-operator/commit/acf0a721853fe5523b0f6f21da79230214325b55
Anything else we need to know?:
After finding the needed syntax in Issue 32 I was able to add one group to the TwingateResource but not able to add more than one group
What work is
I tried (and doesn't work)
and even
Is there a way to assign more than one group using TwingateResourceAccess?
Thanks Alex