fix(setup): decode role mappings (#7760)

2025-08-12 03:57:32 +00:00 · 2024-04-14 11:55:54 +02:00
parent 9865425a0c
commit 5b34aabbdd
3 changed files with 48 additions and 1 deletions
--- a/cmd/defaults.yaml
+++ b/cmd/defaults.yaml
@@ -906,7 +906,7 @@ AuditLogRetention: 0s # ZITADEL_AUDITLOGRETENTION

 InternalAuthZ:
  # Configure the RolePermissionMappings by environment variable using JSON notation:
-  # ZITADEL_INTERNALAUTHZ_ROLEPERMISSIONMAPPINGS='[{"role": "IAM_OWNER", "permissions": ["iam.read", "iam.write"]}]'
+  # ZITADEL_INTERNALAUTHZ_ROLEPERMISSIONMAPPINGS='[{"role": "IAM_OWNER", "permissions": ["iam.write"]}, {"role": "ORG_OWNER", "permissions": ["org.write"]}]'
  # Beware that if you configure the RolePermissionMappings by environment variable, all the default RolePermissionMappings are lost.
  RolePermissionMappings:
    - Role: "SYSTEM_OWNER"