User Group Commands

👥 Manage user groups in Kavach - create, list, delete, and manage group members.

Overview

User groups are collections of users that can be assigned permissions together. Instead of managing permissions for each user individually, you can create user groups and assign permissions to the entire group at once.

Key Concepts

User groups belong to organizations and contain multiple users
Group-based permissions simplify access control management
Users can belong to multiple groups for different permission sets
Group permissions work alongside individual permissions
Efficient team management for large organizations

Available Roles

Role	Permissions
owner	Full administrative access (create, delete, manage members, grant permissions)
admin	Administrative access (manage members and permissions, but cannot delete the resource they were granted admin on)
editor	Write access (modify resources, but cannot assign permissions to others)
viewer	Read-only access (view group only)

Commands

`kavach user-group create`

🏗️ Create a new user group

Usage

kavach user-group create <name> [flags]

Arguments

Argument	Description	Required
`name`	Name of the user group	Yes

Flags

Flag	Description	Required	Default
`--description`	Description of the user group	No	""
`--organization, -o`	Organization under which to create the user group	No	Active organization

Examples

# Create user group with description
kavach user-group create developers --description "Development team"

# Create user group without description
kavach user-group create qa-team --description "QA team"

# Create user group in specific organization
kavach user-group create ops-team --description "Operations team" --organization mycompany

Example Output

🎉 User group 'developers' created successfully under organization 'mycompany'.

`kavach user-group list`

📋 List your user groups

Usage

kavach user-group list [flags]

Flags

Flag	Description	Required	Default
`--organization, -o`	Organization under which to list user groups	No	Active organization

Examples

# List all user groups in current organization
kavach user-group list

# List user groups in specific organization
kavach user-group list --organization mycompany

Example Output

┌─────────────────────────────────────┬─────────────────┬─────────────────────┬──────────────────┐
│ User Group Id                       │ User Group Name │ Description         │ Organization Name│
├─────────────────────────────────────┼─────────────────┼─────────────────────┼──────────────────┤
│ 550e8400-e29b-41d4-a716-446655440000│ developers      │ Development team    │ mycompany        │
│ 550e8400-e29b-41d4-a716-446655440001│ qa-team         │ QA team             │ mycompany        │
└─────────────────────────────────────┴─────────────────┴─────────────────────┴──────────────────┘

`kavach user-group delete`

🗑️ Delete a user group by name

Usage

kavach user-group delete <name> [flags]

Arguments

Argument	Description	Required
`name`	Name of the user group to delete	Yes

Flags

Flag	Description	Required	Default
`--organization, -o`	Organization under which to delete the user group	No	Active organization

Examples

# Delete user group (with confirmation)
kavach user-group delete qa-team

# Delete user group in specific organization
kavach user-group delete ops-team --organization mycompany

Confirmation Prompt

When deleting a user group, you'll see a confirmation prompt:

are you sure to delete user group qa-team under org mycompany if yes click on proceed otherwise cancel
UserGroup 'qa-team' deleted successfully.

`kavach user-group members add`

➕ Add a user to a user group

Usage

kavach user-group members add [flags]

Flags

Flag	Description	Required
`--user-group, -g`	Name of the user group	Yes
`--user, -u`	Name of the user to add	Yes
`--organization, -o`	Organization under which the user group exists	No

Examples

# Add user to user group
kavach user-group members add --user-group developers --user john

# Add user to user group in specific organization
kavach user-group members add --user-group qa-team --user sarah --organization mycompany

# Add user to admin group
kavach user-group members add --user-group admins --user mike

Example Output

🎉 Member 'john' added successfully to user group 'developers'.

`kavach user-group members list`

📋 List members of a user group

Usage

kavach user-group members list [flags]

Flags

Flag	Description	Required
`--user-group, -g`	Name of the user group	Yes
`--organization, -o`	Organization under which the user group exists	No

Examples

# List members of a user group
kavach user-group members list --user-group developers

# List members in specific organization
kavach user-group members list --user-group qa-team --organization mycompany

# List members of admin group
kavach user-group members list --user-group admins

Example Output

┌─────────────────────┬────────────┬─────────────────┐
│ UserEmail           │ UserName   │ UserGroupName   │
├─────────────────────┼────────────┼─────────────────┤
│ john@company.com    │ John Doe   │ developers      │
│ jane@company.com    │ Jane Smith │ developers      │
│ mike@company.com    │ Mike Brown │ developers      │
└─────────────────────┴────────────┴─────────────────┘

`kavach user-group members remove`

➖ Remove a user from a user group

Usage

kavach user-group members remove [flags]

Flags

Flag	Description	Required
`--user-group, -g`	Name of the user group	Yes
`--user, -u`	Name of the user to remove	Yes
`--organization, -o`	Organization under which the user group exists	No

Examples

# Remove user from user group
kavach user-group members remove --user-group developers --user john

# Remove user from user group in specific organization
kavach user-group members remove --user-group qa-team --user sarah --organization mycompany

# Remove user from admin group
kavach user-group members remove --user-group admins --user mike

Example Output

🎉 Member 'john' removed successfully from user group 'developers'.

Workflow Examples

Complete User Group Setup

# 1. Create user groups
kavach user-group create developers --description "Development team"
kavach user-group create qa-team --description "QA team"
kavach user-group create ops-team --description "Operations team"

# 2. List user groups
kavach user-group list

# 3. Add team members
kavach user-group members add --user-group developers --user "john@company.com"
kavach user-group members add --user-group developers --user "jane@company.com"
kavach user-group members add --user-group qa-team --user "sarah@company.com"

# 4. List members
kavach user-group members list --user-group developers

Permission Management

# 1. Create role-based user groups
kavach user-group create admins --description "Administrators"
kavach user-group create editors --description "Content editors"
kavach user-group create viewers --description "Read-only users"

# 2. Add users to appropriate groups
kavach user-group members add --user-group admins --user "admin@company.com"
kavach user-group members add --user-group editors --user "editor@company.com"
kavach user-group members add --user-group viewers --user "viewer@company.com"

# 3. Grant group permissions to resources
kavach group grant --group "admins" --role admin --group "myapp"
kavach env grant --group "editors" --role editor --env "development"
kavach env grant --group "viewers" --role viewer --env "production"

Best Practices

1. User Group Naming

# Good naming conventions
kavach user-group create developers --description "Development team"
kavach user-group create qa-team --description "QA team"
kavach user-group create ops-team --description "Operations team"

# Avoid generic names
kavach user-group create group --description "User group"  # Too generic

2. Role-Based Organization

# Create groups by role
kavach user-group create admins --description "System administrators"
kavach user-group create developers --description "Software developers"
kavach user-group create qa-engineers --description "Quality assurance engineers"
kavach user-group create devops --description "DevOps engineers"

Next Steps

After setting up your user groups:

Grant Permissions: Organization Management
Manage Secret Groups: Secret Group Management
Configure Environments: Environment Management
Set Up Providers: Provider Integration

Overview​

Key Concepts​

Available Roles​

Commands​

kavach user-group create​

Usage​

Arguments​

Flags​

Examples​

Example Output​

kavach user-group list​

Usage​

Flags​

Examples​

Example Output​

kavach user-group delete​

Usage​

Arguments​

Flags​

Examples​

Confirmation Prompt​

kavach user-group members add​

Usage​

Flags​

Examples​

Example Output​

kavach user-group members list​

Usage​

Flags​

Examples​

Example Output​

kavach user-group members remove​

Usage​

Flags​

Examples​

Example Output​

Workflow Examples​

Complete User Group Setup​

Permission Management​

Best Practices​

1. User Group Naming​

2. Role-Based Organization​

Next Steps​

Overview

Key Concepts

Available Roles

Commands

`kavach user-group create`

Usage

Arguments

Flags

Examples

Example Output

`kavach user-group list`

Usage

Flags

Examples

Example Output

`kavach user-group delete`

Usage

Arguments

Flags

Examples

Confirmation Prompt

`kavach user-group members add`

Usage

Flags

Examples

Example Output

`kavach user-group members list`

Usage

Flags

Examples

Example Output

`kavach user-group members remove`

Usage

Flags

Examples

Example Output

Workflow Examples

Complete User Group Setup

Permission Management

Best Practices

1. User Group Naming

2. Role-Based Organization

Next Steps