Context

When managing Spacelift configurations through Terraform, you may need to automate user permissions and role assignments across different spaces. This requires understanding how to structure policies within the user resource to assign multiple roles.

Answer

You can assign multiple roles to users in Spacelift using the Terraform provider by adding multiple policy blocks within the user resource definition. Here's how to structure it:

Example of assigning multiple roles to a user:

resource "spacelift_user" "example" {
  # User details here
  
  policy {
    space_id = "space1"
    role     = "ADMIN"
  }
  
  policy {
    space_id = "space2"
    role     = "READ"
  }
  
  # Add more policy blocks as needed
}

Each policy block can specify a different space and role combination, allowing you to set granular permissions per user across different spaces.

Alternative approach: If you're using SAML or OIDC for authentication, you can also consider using IDP Group Mappings to manage permissions, provided your identity provider passes group/team information that matches exactly with your Spacelift configuration.

Source: Spacelift Terraform Provider Documentation