.png)
Workspace Role Bindings
Workspace Role Bindings grant access to specified Workspace Roles for a specified group of people.
Prerequisites
Before you can create a Workspace Role Binding, ensure you have created a workspace Group. A Group can contain one or several Identity Provider users, groups or both.
The syntax for the Identity Provider groups you add to a DKP Group varies depending on the context for which you have established an Identity Provider.
If you have set up an identity provider globally, for All Workspaces:
For groups: Add an Identity Provider Group in the
oidc:<IdP_user_group>format. For example,oidc:engineering.For users: Add an Identity Provider User in the
<user_email>. For example,jane.doe@example.com.
If you have set up an identity provider for a Specific Workspace:
For groups: Add an Identity Provider Group in the
oidc:<workspace_name>:<IdP_user_group>format. For example,oidc:tenant-z:engineering.For users: Add an Identity Provider User in the
<workspace_ID>:<user_email>format. For example,tenant-z:jane.doe@example.com.
Run kubectl get workspacesto obtain a list of all existing workspaces. Theworkspace_IDis listed under theNAMEcolumn.
Configure Workspace Role Bindings
You can assign a role to this Kommander Group:
From the top menu bar, select your target workspace.
Select Access Control in the Administration section of the sidebar menu.
Select the Cluster Role Bindings tab, and then select the Add Roles button next to the group you want.
Select the Role, or Roles, you want from the drop-down menu and select Save.
It will take a few minutes for the resource to be created.