Terraform
Manage teams
You can grant team management abilities to members of teams with either one of the manage teams or manage organization access permissions. Refer to Team Permissions for details.
Organization owners can also create teams, assign team permissions, or view the full list of teams. Other users can view any teams marked as visible within the organization, plus any secret teams they are members of. Refer to Team Visibility for details.
To manage teams, perform the following steps:
- Click Settings and then click Teams. The Team Management page appears, containing a list of all teams within the organization.
- Click a team to go to its settings page, which lists the team's settings and current members. Members that have two-factor authentication enabled have a 2FA badge.
You can manage a team on its settings page by adding or removing members, changing its visibility, and controlling access to workspaces, projects, and the organization.
Create teams
To create a new team, perform the following steps:
- Click Settings and then click Teams. The Team Management page appears, containing a list of all teams within the organization.
- Enter a unique team Name and click Create Team. Team names can include numbers, letters, underscores (
_
), and hyphens (-
).
The new team's settings page appears, where you can add new members and grant permissions.
Delete teams
Important: Team deletion is permanent, and you cannot undo it.
To delete a team, perform the following steps:
- Click Settings, then click Teams. The Team Management page appears, containing a list of all teams within the organization.
- Click the team you want to delete to go to its settings page.
- Click Delete [team name] at the bottom of the page. The Deleting team "[team name]" box appears.
- Click Yes, delete team to permanently delete the team and all of its data from HCP Terraform.
Manage team membership
Team structure often resembles your company's organizational structure.
Add users
If the user is not yet in the organization, invite them to join the organization and include a list of teams they should belong to in the invitation. Once the user accepts the invitation, HCP Terraform automatically adds them to those teams.
To add a user that is already in the organization:
- Click Settings and then click Teams. The Team Management page appears, containing a list of all teams within the organization.
- Click the team to go to its settings page.
- Choose a user under Add a New Team Member. Use the text field to filter the list by username or email.
- Click the user to add them to the team. HCP Terraform now displays the user under Members.
Remove users
To remove a user from a team:
- Click Settings and then click Teams. The Team Management page appears, containing a list of all teams within the organization.
- Click the team to go to its settings page.
- Click ... next to the user's name and choose Remove from team from the menu. HCP Terraform removes the user from the list of team members.
Team visibility
The settings under Visibility allow you to control who can see a team within the organization. To edit a team's visibility:
- Click Settings and then click Teams. The Team Management page appears, containing a list of all teams within the organization.
- Click the team to go to its settings page.
- Enable one of the following settings:
- Visible: Every user in the organization can see the team and its membership. Non-members have read-only access.
- Secret: The default setting is that only team members and organization owners can view a team and its membership.
We recommend making the majority of teams visible to simplify workspace administration. Secret teams should only have organization-level permissions since workspace admins cannot manage permissions for teams they cannot view.
Manage workspace access
You can grant teams various permissions on workspaces. Refer to Workspace Permissions for details.
HCP Terraform uses the most permissive permission level from your teams to determine what actions you can take on a particular resource. For example, if you belong to a team that only has permission to read runs for a workspace and another team with admin access to that workspace, HCP Terraform grants you admin access.
HCP Terraform grants the most permissive permissions regardless of whether an organization, project, team, or workspace set those permissions. For example, if a team has permission to read runs for a given workspace and has permission to manage that workspace through the organization, then members of that team can manage that workspace. Refer to organization permissions and project permissions for additional information.
Another example is when a team has permission at the organization-level to read runs for all workspaces and admin access to a specific workspace. HCP Terraform grants the more permissive admin permissions to that workspace.
To manage team permissions on a workspace:
- Go to the workspace and click Settings > Team Access. The Team Access page appears.
- Click Add team and permissions to select a team and assign a pre-built or custom permission set.
Manage project access
You can grant teams permissions to manage a project and the workspaces that belong to it. Refer to Project Permissions for details.
Manage organization access
Organization owners can grant teams permissions to manage policies, projects and workspaces, team and organization membership, VCS settings, private registry providers and modules, and policy overrides across an organization. Refer to Organization Permissions for details.