How to define different RBAC rules for different groups of self-service users for a PMK cluster?
- Platform9 Managed Kubernetes - v4.0 and Higher
- Created a self-service user from the UI or from the command line.
# openstack user create <username >
# openstack set user <username> --enable
- Create a local keystone group using OpenStack CLI
# openstack group create < group name>
- Add the user to the group using the following OpenStack command.
# openstack group add user <group name > <user name/id>
- Obtain the role details using the following command
# openstack role list
- Add `_member_` role to the group using the following command
# openstack role add --group <group name > --domain default <role-id>
- Create rolebinding and clusterrolebinding (as required) for this group from the UI by following steps provided in the Platform9 documentation.