Teams

A team is a group of users (team members) and it can be granted access to clusters by creating cluster accounts for the team similar to cluster accounts of users.

Create Teams

Loft UI - Create Team

Dynamic Memberships

Instead of statically assigning users to a team, you can also define "Kubernetes Groups" as team members. This is an advantage if you are using OpenID Connect for authentication because your existing team structure can be easily reflected in Loft without the need to manually replicate team memberships.

Example: Your organization is working with GitHub and has existing teams with different members and access permissions in GitHub. If you configure Loft to use GitHub as OpenID Connect Auth Provider and you create the teams you want to give Kubernetes access in Loft, you can define a group membership for the GitHub team name. The result of this is that all users who are part of the GitHub team will also become a member of the corresponding team in Loft.

The screenshot below shows the group "analytics-team" being added as member of the Analytics Team.

Kubernetes Groups as Team Members
Loft UI - Kubernetes Groups as Team Members

Delete Teams

Loft UI - Delete Team

Delete a team using kubectl:

# IMPORTANT: Make sure to switch to the context of the Loft management cluster!
kubectl delete team [TEAM_NAME]
Data Loss

Deleting a team will also delete all cluster accounts that are owned solely by this team. Deleting these accounts in turn will also delete other related objects such as account quotas and spaces.