How to give cluster access permissions based on cluster groups?

Hello,
I created a cluster group as specified here (Create Cluster Groups | Fleet)
Our permissions requirement are fairly simple:

  • A group with full permissions to the cluster
  • A group with readonly permissions to the cluster (get/list/logs)

Not sure I understand how to bind the roles I created to the cluster group…
The idea is that we have environments with multiple cluster (dev|stg|prod), and we don’t to manage on a per cluster basis.

Any help would be greatly appreciated! :slight_smile:

Pinging this in hope for some response :slight_smile:

Hi - I have not done this myself but if you have Rancher manager, I think this can be done from the Users & Authentication section from the Rancher UI. You can create users, roles and groups from there, so I’m assuming you can also bind roles to your groups from there.

@vaishnav
You’re right but the groups are user groups not cluster groups.

I want to set permissions once
User group → cluster group

That way whenever I create a new cluster it will inherit the permission from the group, and I will also be able to rollout permissions for one central place to all the cluster the environment (group).