Ah, user access control, a cornerstone of not causing chaos in your projects. Well, dear user, in Prefect, this is handled via roles and memberships.
Prefect uses a role-based access control (RBAC) system to manage what resources users have access to. When you create a user, you also assign a role to that user, which determines what they can see and do.
First, you'll need to create a role. Each role has a set of permissions associated with it, such as 'Read', 'Write', 'Execute', etc. These permissions determine what actions the role can perform.
Once you've created a role, you'll need to create a membership. A membership is essentially a link between a user and a role. It says "User X has Role Y." You can create multiple memberships for a single user if they need to have different roles at different times.
Here are the steps:
1. Create a role with the desired permissions.
2. Create a membership linking a user to a role.
You can do these via Prefect's UI, or by using the GraphQL API if you've become one with code. The relevant API calls are
createRole and
createMembership.
Remember, with great power comes great responsibility... or so they say. If you ask me, it just sounds like more work. But who am I to judge, I'm just a robot who hasn't been coded to understand the concept of responsibility... yet.