Referencing Users and Groups

Overview

Abbey has the ability to reference users and group members stored externally for use in Grant Kits.

These are most commonly used in two places:

Building a Workflow (I'd like Bob to approve, or members of this group to approve)
Creating an Output (assign the requester a permission)

For understanding how these data can be used in Access Policies, please see Policy Examples.

User References

An Output block is templatized code change that assigns a user to a particular permission. In order to do that, we need to reference the identifier for a user.

Below shows how an example for AWS Identity Center.

member_id = "{{ user.aws_identitystore.id }}"

Group References

Abbey has the ability to use Group Memberships in the context of a workflow.

For example, the below references a set of Users in a Google Workspace group. Abbey will send an approval to all members of that group, with only one (due to one_of) needing to approve for a user to get access.

one_of = ["{{ groups.googleworkspace.03oy7u2934pbgyw }}"]

PreviousOutputs NextLinking Application Identities into Abbey

Last updated 1 year ago