Add RBAC Roles to Local Users
Manage access to your cluster and its resources by assigning Kubernetes RBAC roles to local users. If you have not created local users yet, see Create Local Users after Installing Kommander or Create Local Users during the Kommander Installation.
Assign a Role - Cluster Admin Example
Create the following ClusterRoleBinding
resource:
Replace
<example_email>
with the user's email address or a username.Replace
cluster-admin
with the RBAC role you want to assign to a user.If you have configured an Identity Provider for a specific workspace, configure the
subjects.name
field to<workspace_ID>:<user_email>
. For example,tenant-z:jane.doe@example.com
.
cat <<EOF | kubectl apply -f -
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: cluster-admin
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- apiGroup: rbac.authorization.k8s.io
kind: User
name: <example_email>
EOF
After assigning the previous role to <example_email>
, the user is able to log in to the cluster using the credentials you assigned in Create Local Users after Installing Kommander or Create Local Users during the Kommander Installation.
The Login page and cluster URL is the same for the default admin user and the local users you create with this method.
More Information
For more information on RBAC resources in DKP, see Granting Access to Kubernetes and Kommander Resources.
For general information on RBAC as a Kubernetes resource, see the official Kubernetes RBAC documentation.