Official WebsitePricingGet 3 Nodes of BE Free
Edit

Groups

Groups organize your environments in Portainer. As an example, you can create groups for development, staging and production to differentiate between environment roles. You can also use groups to define which environments are available to which users.

Portainer Community Edition supports basic user and group assignments. For more complex user roles within groups, use Portainer Business Edition.

Adding a group

From the menu expand Environment-related, select Groups, then click Add group.

Define the properties of the group, using the table below as a guide.

Field/Option
Overview

Name

Give the group a descriptive name.

Description

Optionally describe the group in more detail.

Tags

Apply any tags to the group.

Associated environments

Select the environments to be categorized in the group.

When you're finished, click Create the group.

Removing a group

When you no longer need a group, you can remove it by ticking the box next to the group then clicking Remove.

Removing a group will not delete environments and users in that group. However, it may change the environments accessible to users who have their access assigned via a group.

Manage policies of a group

Policies allow you to apply configuration, security rules, and cluster settings to groups of environments, rather than configuring each environment individually. Note that the policies feature is experimental and must be turned on in settings before it can be used.

To manage the policies of a group, in the menu expand Environment-related then select Groups. Locate the environment group you want to manage the policies for, then select Manage policies under the Actions table header. This will direct you to the Policies page where you can manage existing polices or create new policies.

Manage access to an environment group

If a group's access is controlled by a policy, you cannot add access at this level because the policy access takes precedence.

If an environment and an individual user are in the same group, users will be tagged with inherited on the Manage access page. This means that the user is inheriting their access from the group, not the environment.

If you manually assign a user to an environment, and they are already assigned to it via a group, they will be tagged with override on the Manage access page, indicating that their individual access will override that of the group for this one environment. You can then modify their access in this special case.

To add or view access, from the menu expand Environment-related then select Groups. Locate the environment group you want to give users access to then select Manage access under the Actions table header.

To add access, select the users or teams you want to add using the dropdown. Then use the Role dropdown to select the role you want this user or team to have.

Once all have been selected, click Create access.

PreviousAuto onboardingNextPolicies

Last updated

Was this helpful?