I know that all Octopus users are added to the Everyone
team and that the default for this team is its members can do nothing. Is there a recommend base set of permissions we should assign this team?
This is correct, all Octopus users are members of the Everyone
team. As a rule of thumb we tend to assign the Everyone
team the Project viewer
and Environment viewer
user roles for each space in the Octopus instance.
This gives users read-only access to the Project and Environment parts of Octopus.
It might be that, when you’re configuring your Octopus instance, you find that it would suit your requirements to give additional permissions for some reason. If you do grant additional permissions do it with caution keeping in mind that any existing or newly created user will have this additional access.