Global read-only Role

Andreas_Kappel · July 21, 2023, 6:31am

Hi,

I am looking for a way, to allow a group read-only permissions on all Clusters for all resources without having to add them to all clusters individually. I managed to create a global role where all clusters are visible, but no resource inside the cluster can be retrieved

I am using terraform to provision the role:

resource "rancher2_global_role" "cluster-readonly" {
  name = "Cluster Reader"
  rules {
    api_groups = ["*"]
    resources = ["*"]
    verbs = ["get","list","watch"]
  }
  rules {
    verbs = ["get","list","watch"]
    non_resource_urls = [ "*" ]
  }
}

Topic		Replies	Views
Custom read-only role Rancher	1	1450	September 2, 2021
How to give cluster access permissions based on cluster groups? Rancher	3	367	December 13, 2023
How to limit a user to view a set of clusters instead of ALL? Rancher	0	302	September 27, 2021
User shouldn't see Infrastrucuture/Hosts	4	892	July 13, 2017
Manage clusters with rancher without cluster-role? Rancher	1	343	July 4, 2022

Global read-only Role

Related topics