Skip to main content

Environments management using the Permit CLI

Automate environment creation and management

Use CLI commands to create, copy, and manage environments

permit env create

This command creates a new environment in a specified project. This is useful for setting up new environments for development, testing, or production.

Arguments (Optional):

  • --api-key <string> - a Permit API key to authenticate the operation. If not provided, the command will use your stored credentials.
  • --name <string> - the name of the new environment (will prompt if not provided)
  • --env-key <string> - the key for the new environment (will be derived from name if not provided)
  • --description <string> - the description of the new environment
  • --customBranchName - customizes the GitOps branch name of this environment (default is set to the environment ID)
  • --jwks <string> - JSON Web Key Set (JWKS) for frontend login, in JSON format
  • --settings <string> - environment settings in JSON format

Examples:

$ permit env create --api-key permit_key --name "Staging" --description "Staging environment for testing"

You can also create a complex environment with all options:

$ permit env create --api-key permit_key --name "Development" --envKey "dev" --description "Dev environment" --customBranchName "dev-branch" --jwks '{"ttl": 3600}' --settings '{"debug": true}'

permit env copy

Developers and CI pipelines can use this command to enable secure blue-green deployment in the Software Development Lifecycle (SDLC). The command will get the source and destination environments as options and copy the policies from one to another.

This will let you run your tests again in a non-production environment and safely merge them into production after the tests.

Arguments (Required):

  • --api-key <string> - a Permit API key at the project level or higher to authenticate the operation

Arguments (Optional - Will prompt if not provided):

  • --from <string> - the source environment to copy the policies from
  • --to <string> - the destination environment to copy the policies to
  • --name <string> - the name of a new environment to copy the policies to
  • --description <string> - the description of a new environment to copy the policies to
  • --conflict-strategy <fail | overwrite> - the strategy to handle conflicts when copying policies (default: fail)

Example:

$ permit env copy --api-key permit_key --from staging --to production --conflict-strategy overwrite

permit env delete

This command deletes an existing environment.

:blub: Note: Use with caution: this operation cannot be undone.

Arguments (Optional):

  • --api-key <string> - a Permit API key to authenticate the operation. If not provided, the command will use your stored credentials.
  • --environment-id <string> - the ID of the environment to delete (will prompt if not provided)
  • --force <boolean> - skip confirmation prompts (default: false)

Examples:

$ permit env delete --api-key permit_key --environmentId env_456

To force deletion without confirmation:

$ permit env delete --api-key permit_key --environmentId env_456 --force

Note: If you've authenticated via Permit’s login, the commands will use your current project context automatically.

permit env member

This command will assign members to an environment with the roles you specify. This is useful for managing the access control of your team members in the Permit.io environment.

This command can run in the CI after creating a new environment for development or testing to assign the roles to the team members who need to access the environment.

Arguments (Required):

  • --api-key <string> (Required) - a Permit API key in project level or higher to authenticate the operation

Arguments (Optional - Will prompt if not provided):

  • --environment <string> - the environment to assign the roles to
  • --project <string> - the project to assign the roles to
  • --email <string> - the email of the member to assign the roles to
  • --role <Owner | Editor | Member> - the role to assign to the member

Example:

$ permit env member --api-key permit_key --environment staging --project my-project --email gabriel@permit.io --role Owner

permit env select

This command lets you select a different active Permit.io environment. This is useful when you have multiple environments in your account and want to switch between them without logging out and logging in again.

Arguments (Required):

  • --api-key <string> - a Permit API key at the project level or higher to authenticate the operation. If not provided, the command will reauthenticate you in the browser.

Example:

$ permit env select --api-key permit_key

Terraform and IaC

Define and enforce policies programmatically within DevOps pipelines.

permit env export terraform

Export your Permit environment configuration as a Terraform HCL file.

This is useful for users who want to start working with Terraform after configuring their Permit settings through the UI or API. The command exports all environment content (resources, roles, user sets, resource sets, condition sets) in the Permit Terraform provider format.

Arguments (Optional)

  • --api-key <string> - a Permit API key to authenticate the operation. If not provided, the command will use the AuthProvider to get the API key you logged in with.
  • --file <string> - a file path where the exported HCL should be saved. If not provided, the output will be printed to the console.

Examples:

Using the Permit key -

$ permit env export terraform --api-key permit_key --file permit-config.tf

With the logged-in session -

$ permit env export terraform --file permit-config.tf

Print out the output to the console -

$ permit env export terraform

Contents