teleport icon indicating copy to clipboard operation
teleport copied to clipboard

Published 20 hours ago verified publisher icon gravitational

Add ability to list requestable roles via tsh

Open programmerq opened this issue 3 years ago • 4 comments

What

tsh should have some functionality to list requestable roles. The webapi has similar functionality in that the create request web form has a dropdown box that allows the user to select the role to request.

How

Any or all of the following would be helpful:

  • tsh status should have a new field that shows the requestable roles
  • tsh request should have a subcommand to list them
  • tsh request new --roles foo should return the list of allowed roles if foo is not one of them instead of the generic "user is not allowed to request foo" type message it currently has.

Why

It is a poor user experience as it is now. The user must know ahead of time what to request and can't query it in the CLI where they want to use it.

Workaround

The user must get the requestable roles via some other means. They need to either work from a document manually handed to them from a teleport admin. The can also separately log in to teleport via a web ui to see what the requestable roles are. The fact that they are in a dropdown box makes it difficult to copy/paste them.

gz#3161

programmerq avatar Jul 26 '21 15:07 programmerq