Teams - Granular permissions management for member access to projects [RBAC]

[ubshreenath]

Today, all team members can access all projects and spawn workspaces from any project and we cannot control this access

The current setup is great where small teams can allow all members to access all projects universally across the whole team.

Describe the behaviour you'd like

• For larger teams, we'd like to separate which members have access to which projects or via an RBAC role manager where we can define groups / roles and assign team members to those groups and allow those groups/roles to access specific projects in the team via the settings in the Project.
• Another simpler idea would be to have a team setting which if enabled, would allow team members to access their own projects and not anyone else's.

Describe alternatives you've considered

There aren't any alternatives in Gitpod today to overcome this today. So we've had to drop our idea to use a paid team plan and ask users to use their individual user accounts itself and we have no way to get usage tracking from there nor a way to upgrade them from our end to a paid plan.

Additional context

In our scenario, we have disparate users who are working on their projects independently (like students or freelancers) and we'd like to give them gitpod access to work on their projects separately but track their work via a team and also give them access to additional credit hours for them to continue working - on a per team member basis.

[svenefftinge]

Did you consider creating multiple teams?

[jldec]

and spawn workspaces from any project

How about creating projects on private repositories - this would limit the launching of workspaces to users with git access to the underlying repo. (I understand that projects would still be still visible

[jldec]

Another workaround which removes the need for projects (users just need to be members of the team) is for users to set their default billing account to point to the team in their user preferences.

From https://www.gitpod.io/docs/configure/billing/usage-based-billing

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.