Referencing Users and Groups


Abbey has the ability to reference users and group members stored externally for use in Grant Kits.
These are most commonly used in two places:
  • Building a Workflow (I'd like Bob to approve, or members of this group to approve)
  • Creating an Output (assign the requester a permission)
For understanding how these data can be used in Access Policies, please see Policy Examples.

User References

An Output block is templatized code change that assigns a user to a particular permission. In order to do that, we need to reference the identifier for a user.
Below shows how an example for AWS Identity Center.
member_id = "{{ }}"

Group References

Abbey has the ability to use Group Memberships in the context of a workflow.
For example, the below references a set of Users in a Google Workspace group. Abbey will send an approval to all members of that group, with only one (due to one_of) needing to approve for a user to get access.
one_of = ["{{ groups.googleworkspace.03oy7u2934pbgyw }}"]