Skip to content

Latest commit

 

History

History
45 lines (38 loc) · 2.01 KB

create-custom-role.md

File metadata and controls

45 lines (38 loc) · 2.01 KB

Create a custom role on the rancher

Steps to create a new role

  1. Login to rancher UI ---> select icon.
  2. Select Users & Authentication ---> Roles ---> Cluster.
  3. Click on Create Cluster Role to create a new role for clusters.
  4. Provide a unique role name Name.
  5. Set Cluster Creator Default to No and Set Locked to No.
  6. Select the Grant Resources option ---> click on Add Resource.
    1. Select a set of operations from the verbs section to allow a role to perform the operations on the resource.
    2. Select Resource and API Groups.
  7. If you want to inherit existing roles, Select Inherit From option ---> click on Add Resource to add a new resource ---> Select Role.

Create viewAllDeletePod role

viewAllDeletePod role: view all resources and delete only pod.

  1. Login to rancher UI ---> select icon.

  2. Select Users & Authentication ---> Roles ---> Cluster.

  3. Click on Create Cluster Role to create a new role for clusters.

  4. Provide a unique role name viewAllDeletePod.

  5. Set Cluster Creator Default to No and Set Locked to No.

  6. Select the Grant Resources option ---> click on Add Resource.

    1. Select below mentioned verbs, resources, and API Groups.

      Verbs Resource Non-Resource URLs API Groups
      get, list, watch *
      delete pods
      get, list, watch * networking.istio.io
      get, list, watch * security.istio.io

  7. Inherit below mentioned roles, Select Inherit From option ---> click on Add Resource to add a new resource ---> Select Role.

    View Ingress
View Monitoring
View Volumes
View Nodes
View Services
View Config Maps
View Secrets
View Service Accounts
View Cluster Catalogs