Create ClusterRole

A ClusterRole is a set of permissions that can be assigned to resources within a given cluster.

Kubernetes APIs are categorized into API groups, based on the API objects that they relate to.

The API groups for Kubernetes that are visible on the Platform9 Clarity UI consist of the upstream Kubernetes APIs and the Kubernetes APIs provided by Platform9.

While creating a ClusterRole, you can specify the operations that can be performed by the ClusterRole on one or more API objects in one or more API groups.

You can create one or more Kubernetes ClusterRoles for a cluster through the Platform9 Clarity UI.

You can set permissions on operations related to one or more API groups, when you create a new ClusterRole.

Follow the steps given below to create a ClusterRole through the Platform9 Clarity UI.

  1. Navigate to Kubernetes>RBAC>Cluster Roles.
  2. Click New Cluster Role. Add Cluster Role
  3. Enter the Name for the cluster.
  4. Select the Cluster.
  5. Search or select an API group and select the operations to grant permissions on operations for the selected API group. Repeat selection of operations on as many other API groups as required. To grant permissions on all operations related to a sub-group under an API group, click the Select All link. To grant permission of specific operation for a sub-group under an API group, select the check box for the specific operation.
  6. Click Create Role.

The Role is created and is visible on the Platform9 Clarity UI under the list of existing Roles.

Once a Role is created, you can assign the Role to a user or group of Users by creating a ClusterRoleBinding.

Create ClusterRole Using YAML

An alternate method to create a ClusterRole with the Platform9 Clarity UI is by writing YAML content.

Follow the steps given below to create a ClusterRole by writing yaml content.

  1. Navigate to Kubernetes>RBAC>Cluster Roles.
  2. Click New ClusterRole.
  3. Select the Enter YAML check box. Click Use Example Template, if required, for a sample ClusterRole YAML template. Add Role
  4. Write or copy-paste the YAML content into the text area provided for Role YAML.
  5. Click Create Cluster Role.

The ClusterRole is created and is visible on the Platform9 Clarity UI under the list of existing ClusterRoles for the cluster.

Once a ClusterRole is created, you can assign the ClusterRole to a user or group of Users by creating a ClusterRoleBinding.