Running the UI atm requires to start up both ^. I’m currently working on having a single docker image that will serve both the ui-server and ui
The design of the new UI also allows to start it from the temporal process. So in future you might be able to just start temporal server and it will serve the UI too
Role based functionality:
Is the question specifically targeted at the UI functionality, or generally role based security?
If we speak about the UI functionality, for example to disable the Terminate button if the person is not supposed to have access to it based on roles - this is something i’m happy to look into and understand better, though at this moment we don’t have such feature in plans. cc @ryland @steve @swyx to correct me about this ^
If we speak about general security: the UI is just a temporal client. For the actual security Temporal server endpoints have to be secured foremost. This is already available: Temporal Server security | Temporal documentation
Lmk if this answers your question