...
| Code Block |
|---|
# policy name
- name: rbac_admin_all
# Role (one of admin/viewer/editor)
role: admin
# using inbuilt scope "all"
scope:
type: all |
Example policy: Viewer role for a custom scope with regular expression in filter.
| Code Block |
|---|
# policy name
- name: rbac_viewer_target_namespace
# Role (one of admin/viewer/editor)
role: viewer
# Custom scope giving access to data generated from kube_namespace called "target"
scope:
filters:
- key: kube_namespace
op: =
value: dev-.*
type: custom |
Scope
A scope defines what data a given user has access to. Kloudfuse platform has following inbuilt (reserved) access types.
...