Workspaces
Manage workspaces from the command line. Workspaces help organize repositories by cloud provider and environment.
Overview
Workspaces in Controlinfra:
- Group repositories by cloud provider (AWS, Azure, GCP)
- Organize infrastructure by environment (production, staging, dev)
- Enable filtering and management at scale
List Workspaces
View all workspaces:
controlinfra workspaces listOutput:
┌──────────┬─────────────────┬───────┬─────────┬─────────────┐
│ ID │ Name │ Cloud │ Default │ Created │
├──────────┼─────────────────┼───────┼─────────┼─────────────┤
│ a1b2c3d4 │ Production AWS │ aws │ Yes │ 3 days ago │
│ e5f6g7h8 │ Staging AWS │ aws │ No │ 1 week ago │
│ i9j0k1l2 │ Production GCP │ gcp │ No │ 2 days ago │
│ m3n4o5p6 │ Production Azure│ azure │ No │ 5 days ago │
└──────────┴─────────────────┴───────┴─────────┴─────────────┘JSON Output
controlinfra workspaces list --jsonCreate a Workspace
Create a new workspace for a specific cloud provider:
controlinfra workspaces add <name> --cloud-provider <provider>Options
| Option | Description | Default |
|---|---|---|
--cloud-provider <provider> | Cloud provider: aws, azure, gcp | aws |
Examples
AWS Workspace
controlinfra workspaces add "Production AWS" --cloud-provider awsAzure Workspace
controlinfra workspaces add "Production Azure" --cloud-provider azureGCP Workspace
controlinfra workspaces add "Production GCP" --cloud-provider gcpWith GCP Service Account (from JSON file)
When creating a GCP workspace, you can import credentials from a service account JSON file:
controlinfra workspaces add "Production GCP" \
--cloud-provider gcp \
--gcp-json-file /path/to/service-account.jsonOutput:
✔ Workspace "Production GCP" created successfully
Workspace ID: 695f0a4798be040a1304643d
Add a repository to this workspace with:
controlinfra repos add owner/repo --workspace 695f0a4798be040a1304643dWorkspace Details
Get detailed information about a workspace:
controlinfra workspaces info <workspace-id>Output:
┌──────────────────────────────────────────────────────────┐
│ Workspace Details │
├──────────────────────────────────────────────────────────┤
│ Name: Production AWS │
│ Cloud: aws │
│ Default: Yes │
│ Created: 3 days ago │
│ Updated: 1 hour ago │
└──────────────────────────────────────────────────────────┘Note: You can use partial IDs (last 8 characters) for workspace commands.
Set Default Workspace
Set a workspace as the default:
controlinfra workspaces default <workspace-id>The default workspace is used when creating repositories without specifying a workspace.
Remove a Workspace
Delete a workspace:
controlinfra workspaces remove <workspace-id>You'll be prompted to confirm. Use --force to skip confirmation:
controlinfra workspaces remove <workspace-id> --forceWARNING
Removing a workspace does not delete the repositories in it. Repositories will become unassigned.
Working with Workspaces
List Repositories in a Workspace
controlinfra repos list --workspace <workspace-id>Add Repository to a Workspace
controlinfra repos add owner/repo \
--workspace <workspace-id> \
--cloud-provider aws \
--access-key AKIAXXXXXXXX \
--secret-key wJalrXXXXXXXXCloud Provider Matching
When adding a repository, the cloud provider must match the workspace's cloud provider. For example, you cannot add an AWS repository to a GCP workspace.
Workspace Options by Cloud Provider
AWS Workspace Options
controlinfra workspaces add "My AWS Workspace" \
--cloud-provider aws \
--region us-east-1 \
--auth-method credentials| Option | Description | Default |
|---|---|---|
--auth-method | credentials, instance_profile, assume_role | credentials |
--region | AWS region | us-east-1 |
Azure Workspace Options
controlinfra workspaces add "My Azure Workspace" \
--cloud-provider azure \
--azure-auth-method service_principal \
--azure-environment public| Option | Description | Default |
|---|---|---|
--azure-auth-method | service_principal, managed_identity | service_principal |
--azure-environment | public, usgovernment, german, china | public |
--subscription-id | Azure Subscription ID | - |
GCP Workspace Options
controlinfra workspaces add "My GCP Workspace" \
--cloud-provider gcp \
--gcp-auth-method service_account \
--gcp-json-file /path/to/key.json| Option | Description | Default |
|---|---|---|
--gcp-auth-method | service_account, workload_identity | service_account |
--gcp-project-id | GCP Project ID | - |
--gcp-client-email | Service Account email | - |
--gcp-private-key | Service Account private key | - |
--gcp-json-file | Path to Service Account JSON file | - |
Best Practices
1. Organize by Environment and Provider
Create separate workspaces for each environment and cloud provider:
controlinfra workspaces add "Production AWS" --cloud-provider aws
controlinfra workspaces add "Staging AWS" --cloud-provider aws
controlinfra workspaces add "Production GCP" --cloud-provider gcp
controlinfra workspaces add "Production Azure" --cloud-provider azure2. Use Descriptive Names
Include the environment and cloud provider in the name for easy identification:
Production AWS - US EastStaging GCP - EuropeDevelopment Azure - West US
3. Set a Default Workspace
Set your most-used workspace as default to streamline repository creation:
controlinfra workspaces default <workspace-id>Next Steps
- Repositories - Adding repositories to workspaces
- Scans - Running scans on workspace repositories
- AWS Credentials - AWS authentication setup
- Azure Credentials - Azure authentication setup
- GCP Credentials - GCP authentication setup