Problem Statement

Currently, modifying the access level of a port or coder_app requires configuration in the template using theshare attribute in theCoder Terraform provider. This implies that template admins are expected to operate port sharing at the workspace level which misaligns with the use case.

Instead, the port sharing level should be configurable in the Coder UI by the workspace owner per port.

Implementation details

Here's arough example of what this improved UX might look like:

The user would be able to set one of the visibility options [owner (default),authenticated,public] with this button, ideally through a dropdown.

To accommodate security expectations, the maximum portshare level should be controlled by template admins at the deployment level. However, it could make sense to configure this per template rather than per deployment, depending on implementation difficulty and security opinions.

Impact

The individual that would want to forward a port should not have to edit their template to modify port visibility. This is a frequently requested use case by the community and has been recently discussed in detail with an enterprise customer.

Related issues

• A workspace should have the possibility to be temporarily available to the public #10393
• feature request: make forwarded ports public or share with other users #4615

CLI (Update)

To fully utilize this feature, the customer asked that it also be available in the CLI. I am under the impression it would fall undercoder port-forward but will defer to engineering.