Hi
I’m currently working on RBAC rights for Prism Central but also for entities (VM,Apps...)
In my understanding and in the documentation, i saw that you have to be User Admin on PC to get full rights on K8s cluster.
In that statement, how does Karbon acts on K8s cluster rights while it deploy a new cluster ?
(For instance, if you are a Viewer on PC you can’t connect to K8s cluster, if you’re User Admin, you can do whatever you want. )
Best regards
Gael
Best answer by mikkisse
Hello!
Please check my article: https://vmik.net/2022/09/05/nutanix-kabron-rbac/
It’s in Russian, but you can easily translate it with google.
+4Hello!
Please check my article: https://vmik.net/2022/09/05/nutanix-kabron-rbac/
It’s in Russian, but you can easily translate it with google.
Thanks a lot mikkisse, i just read it and seems awesome. i’ll give it a try this afternoon but at a first glance, it seems to answer all my needs :D
+4Thanks for your feedback.
Please don't forget, that you can create strickt RBAC manifests in k8s and they will work. It's not necessary to map users only to cluster-admin role. You can create any role with any permissions you need.
Honestly, you should ask/tell Nutanix support to publish it.
(for your information, i had the official nutanix support by phone this morning and except saying configure User Admin or nothing, they weren’t aware of those information)
Thanks again, a lot lot lot lot !!! :)
Gael
+4You are welcome :)
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.