Skip to main content

Groups

Groups in Infrahub allow you to create and manage collections of objects, enabling organized and efficient handling of related entities within your infrastructure. They provide a flexible way to define relationships between different objects and can be extended to suit various use cases through inheritance and customization.

Summary

  • Groups consist of members and subscribers, both of which can be objects of any type.
  • The base group model is the CoreGroup, from which specialized group types inherit.
  • Groups are integral to Infrahub's architecture, acting as a glue between various features such as generators, artifacts, and checks.
  • There are two main group types: default (user-managed) and internal (system-managed), with the latter being hidden from the Groups Manager by default to avoid clutter.

The CoreGroup is the generic model for all group types in Infrahub. It defines the essential attributes and relationships that can be extended by specialized group types to cater to specific requirements.

For detailed information, see the Groups Reference Guide.

Group concepts

CoreGroup

Relationships and access

Infrahub automatically adds relationships to all objects for seamless integration and management.

Automatic relationships

  • member_of_groups: Retrieves all groups that a particular object is a member of.
  • subscriber_of_groups: Retrieves all groups that a particular object is subscribed to.

GraphQL Access: These relationships can be accessed and managed through GraphQL queries and mutations, allowing for efficient and flexible interaction with group data.

Example Query:

query {
  device(id: "device-123") {
    member_of_groups {
      name
      description
    }
  }
}

Specialized groups

Several specialized group types inherit from CoreGroup, each serving a specific purpose within Infrahub:

  • CoreStandardGroup: Group of nodes of any kind.
  • CoreGeneratorGroup: Group of nodes that are created by a generator.
  • CoreGraphQLQueryGroup: Group of nodes associated with a given GraphQLQuery.

Group types

Default groups

These are user-managed groups, meaning they are created and managed by the user. Use Cases: Ideal for organizing and managing resources, users, or devices according to the user's specific needs.

Internal groups

These are system-managed groups, automatically generated by Infrahub to support internal processes such as tracking nodes for artifact definitions. In the groups manager view in the UI, a toggle is available to show or hide internal groups. By default, internal groups are hidden to reduce visual clutter and prevent confusion, as they are typically used behind the scenes by Infrahub.

Integration with other features

Groups can be used as targets for generators (GeneratorDefinition), artifacts (ArtifactDefinition), and checks (CheckDefinition), allowing automated processes to apply configurations or perform actions on a specified set of objects.

Future developments

The group functionality in Infrahub is designed to be extensible and is expected to evolve over time:

  • Dynamic Membership Rules: Ability to define dynamic rules for group membership based on object attributes or conditions.
  • Integration with Access Control: Deeper integration with permission systems to control access and operations based on group memberships.
  • Performance Optimizations: Efficient handling and querying of large groups for better scalability.