Skip to content

Commit

Permalink
add user management readme docs (#205)
Browse files Browse the repository at this point in the history
  • Loading branch information
@mattkim
mattkim authored Jun 14, 2023
1 parent 0093a08 commit fbddc94
Showing 1 changed file with 43 additions and 0 deletions.
43 changes: 43 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,6 +85,49 @@ tcld namespace search-attributes rename -n <namespace> --existing-name <existing
```
> :warning: Any workflows that are using the old search attribute name will fail after the update.
# User Management
### List users:
```
tcld user list
```

### Get user information:
```
tcld user get -e <user-email>
```

### Invite users to your account:
To invite users to your account, you must specify the email and account role. Namespace permissions are optional. You can invite multiple emails at once. An invitation email will be sent to the emails specified. Users should accept the invitation from the email to confirm being added to the account.
```
tcld user invite -e <user-email> --ar <account-role> -p <namespace-1=namespace-permission> -p <namespace-2=namespace-permission>
```

### Reinvite users to your account:
If a user has been invited to your account but has not accepted the invite, you can reinvite them using the following command. This command will send a new invite email to the user. The previous email invitation link will become invalid.
```
tcld user resend-invite -e <user-email>
```

### Delete user from your account:
To delete a user from your account, run the following command. The user will be removed from your account and have all permissions revoked.
```
tcld user delete -e <user-email>
```

### Update user permissions:
Run the following command to update a user's account role. A user is only assigned one account role at a time. The admin role gives the user access to all namespaces.
```
tcld user set-account-role -e <user-email> --ar <account-role>
```
Run the following command to update a user's namespace permissions. This is a set operation, which requires assigning the full set of permissions each time. To get the current set of namespace permissions run the `tcld user get` command. Permissions not specified will be effectively removed. Do not run this command if the user is already an account admin, since they already have access to all namespaces.
```
# get list of current namespace permissions
tcld user get -e <user-email> | jq -r '.spec.namespacePermissions'
# set new user namespace permissions, make sure to include any permissions from the previous command
tcld user set-namespace-permissions -e <user-email> -p <namespace-1=namespace-permission> -p <namespace-2=namespace-permission>
```

# Asynchronous Operations
Any update operations making changes to the namespaces hosted on Temporal Cloud are asynchronous. Such operations are tracked using a `request-id` that can be passed in when invoking the update operation or will be auto-generated by the server if one is not specified. Once an asynchronous request is initiated, a `request-id` is returned. Use the `request get` command to query the status of an asynchronous request.
```
Expand Down

0 comments on commit fbddc94

Please sign in to comment.