Create Role

A Role is a set of permissions that can be assigned to a user within a namespace for a cluster. A namespace divides a cluster between multiple users.

Kubernetes APIs are categorized into API groups, based on the API objects that they relate to.

The API groups for Kubernetes that are visible on the Platform9 Clarity UI consist of upstream Kubernetes APIs and Kubernetes APIs provided by Platform9.

While creating a Role, you can specify the operations that can be performed by the Role on one or more API objects in one or more API groups.

You can create one or more Kubernetes Roles for a namespace through the Platform9 Clarity UI.

You can set permissions on operations related to one or more API groups, when you create a new role.

Follow the steps given below to create a Role, through the Platform9 Clarity UI.

  1. Navigate to Kubernetes>RBAC>Roles.
  2. Click New Role. Add Role
  3. Enter the Name for the cluster.
  4. Select the Cluster.
  5. Select one or more namespaces for which you want to create the Role.
  6. Search or select an API group and select the operations to grant permissions on operations for the selected API group. Repeat selection of operations on as many other API groups as required. To grant permissions on all operations related to a sub-group under an API group, click the Select All link. To grant permission of specific operation for a sub-group under an API group, select the check box for the specific operation.
  7. Click Create Role.

A YAML file is created for the Role, and is visible on the Platform9 Clarity UI under the list of existing Roles.

Once a Role is created, you can assign the Role to a user or group of Users by creating a RoleBinding.

Create Role Using YAML

An alternate method to create a Role with the Platform9 Clarity UI is by writing YAML content.

Follow the steps given below to create a Role by writing YAML content.

  1. Navigate to Kubernetes>RBAC>Roles.
  2. Click New Role.
  3. Select the Enter YAML check box. Click Use Example Template, if required, for a sample Role YAML template. Add Role
  4. Write or copy-paste the YAML content into the text area provided for Role YAML.
  5. Click Create Cluster Role.

The Role is created and is visible on the Platform9 Clarity UI under the list of existing Roles for the cluster.

Once a Role is created, you can assign the Role to a user or group of Users by creating a RoleBinding.