Organizations
zrok (starting with v0.4.45
) includes support for "organizations". Organizations are groups of related accounts that are typically centrally managed in some capacity. A zrok account can be a member of multiple organizations. Organization membership can also include an "admin" permission. As of v0.4.45
organization admins are able to retrieve an "overview" (zrok overview
) from any other account in the organization, allowing the admin to see the details of the environments, shares, and accesses created within that account.
Future zrok releases will include additional organization features, including --closed
permission sharing functions.
Configuring an Organization
The API endpoints used to manage organizations and their members require a site-level ZROK_ADMIN_TOKEN
to access. See the self-hosting guide for details on configuring admin tokens.
Create an Organization
The zrok admin create organization
command is used to create organizations:
$ zrok admin create organization --help
Create a new organization
Usage:
zrok admin create organization [flags]
Aliases:
organization, org
Flags:
-d, --description string Organization description
-h, --help help for organization
Global Flags:
-p, --panic Panic instead of showing pretty errors
-v, --verbose Enable verbose logging
Use the -d
flag to add a description that shows up in end-user membership listings.
We'll create an example organization:
$ zrok admin create organization -d "documentation"
[ 0.006] INFO main.(*adminCreateOrganizationCommand).run: created new organization with token 'gK1XRvthq7ci'
List Organizations
We use the zrok admin list organizations
command to list our organizations:
$ zrok admin list organizations
ORGANIZATION TOKEN DESCRIPTION
gK1XRvthq7ci documentation
Add a Member to an Organization
We use the zrok admin create org-member
command to add members to organizations:
$ zrok admin create org-member
Error: accepts 2 arg(s), received 0
Usage:
zrok admin create org-member <organizationToken> <accountEmail> [flags]
Aliases:
org-member, member
Flags:
--admin Make the new account an admin of the organization
-h, --help help for org-member
Global Flags:
-p, --panic Panic instead of showing pretty errors
-v, --verbose Enable verbose logging
Like this:
$ zrok admin create org-member gK1XRvthq7ci michael.quigley@netfoundry.io
[ 0.006] INFO main.(*adminCreateOrgMemberCommand).run: added 'michael.quigley@netfoundry.io' to organization 'gK1XRvthq7ci
The --admin
flag can be added to the zrok admin create org-member
command to mark the member as an administrator of the organization.