[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: cluster-roles



Hmm this is what I understood from both David and you.

Options 1: 

1.   Grant Cluster “admin” role to robot account (not cluster-admin but just cluster ‘admin’ role)
2.   Robot user being used (token) to create/modify/delete project1
3.   Grant user1 to project admin access. Once user1 has project admin access, user1 can him self grant project admin/edit/view roles to his team mates 
4.   Setup quota limits etc at project1 level by robot user
  
Option 2:

1. Create a custom role with required rules to robot account
2. Repeat above steps

Am not sure what is the difference between cluster-admin Vs admin roles at cluster bindings. After looking at role bindings, cluster-admin has more power then admin roles

Please confirm whether my understanding above is correct or not.


-- 
Srinivas Kotaru






On 8/4/16, 2:48 PM, "users-bounces lists openshift redhat com on behalf of Tobias Florek" <users-bounces lists openshift redhat com on behalf of openshift ibotty net> wrote:

>Hi Srinivas,
>
>I don't think you got the David's points. In order to grant "admin" to
>any other user, the user granting needs to have (at least) admin
>privileges. If this account should do that in any project, it will need
>admin privileges in any project.
>
>I hope I explained it in a coherent manner.
>
>Good luck with the setup,
> Tobi(as Florek)
>
>_______________________________________________
>users mailing list
>users lists openshift redhat com
>http://lists.openshift.redhat.com/openshiftmm/listinfo/users


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]