Question about user permissions. I read this bit of documentation about roles for GD Cloud: https://www.gooddata.com/developers/cloud-native/doc/cloud/manage-organization/manage-permissions/ I'm not convinced I understand it. It'd be helpful if there was a way to manage users in the GD Cloud UI. Assigning users to groups, permissions to users, users to workspaces, etc are all things that feel easier to understand with visual aids rather than API. In any case, I'm looking to create a user that has the ability to create child workspaces, more users, api tokens, and workspace data filter entities. The admin users can do this. However, want to limit all that functionality to a single workspace. We have two main workspaces. One for our test environment and one for our production environment. They are only separated by their name. I want to eliminate the possibility of the API token associated with the user for our Test Environment being able to make changes to the production GD workspace. How can I achieve this?

Hi Levi, I am afraid that user management via UI is not available yet, but I will be more than happy to pass your feedback to the relevant teams to consider to enhance the GD Cloud this way. Let me also check what role/permissions would be the best for your use case.

🎉 New note created.

Hi Levi, while it is now possible to limit access of a particular user to a particular workspace, I don’t think it is possible to do it for the actions “above the workspace” like creating child workspaces, managing users within groups etc. without giving that user the manage permission to the whole GoodData organization. If you want to have a separate TEST and PROD environments, probably the best option is to have two separate GoodData organizations (hostnames) for that. Organization admin in the TEST environment will have full control over the TEST organization and no access to the PROD organization. As far as I know, paying GoodData customers can ask for an additional GoodData organization via GoodData support.