The page has been translated by Gen AI.

Managing Permissions

When multiple users access the Kubernetes cluster, you can grant permissions by specific API or namespace and specify the access range. You can apply the Role-Based Access Control (RBAC) feature of Kubernetes to set permissions by cluster or namespace. You can create and manage ClusterRole, ClusterRoleBinding, Role, and RoleBinding.

Reference

ClusterRole, ClusterRoleBinding, Role, RoleBinding services are set to the cluster (namespace) selected when the service is created by default. Even if you select other items in the list, the default cluster (namespace) setting is maintained.

  • To select a different cluster (namespace), click the gear button on the right side of the list. In the Cluster/Namespace Settings popup window, select the cluster and namespace you want to change and click the OK button. You can view the services created in the selected cluster/namespace.
Reference

Managing Cluster Roles

You can set and manage access permissions on a cluster unit basis. You can also set permissions for APIs or resources that are not limited to a namespace.

Creating a Cluster Role

To create a cluster role, follow these steps.

  1. Click All services > Container > Kubernetes Engine menu. It moves to the Service Home page of Kubernetes Engine.
  2. On the Service Home page, click ClusterRole under the Authorities menu. It moves to the ClusterRole list page.
  3. Cluster Role List page, select the cluster and namespace from the gear button at the top left, then click Create Object.
  4. Enter object information in the object creation popup window and click the OK button.
Reference
For more information on ClusterRole, see Kubernetes official documentation > Using RBAC Authorization.

Check Cluster Role Details

To view detailed information about the cluster role, follow these steps.

  1. Click All services > Container > Kubernetes Engine menu. It moves to the Service Home page of Kubernetes Engine.
  2. On the Service Home page, click 클러스터롤 under the 권한 menu. It moves to the 클러스터롤 목록 page.
  3. Cluster Role List page, select the cluster and namespace from the gear button at the top left, then click Confirm.
  4. Cluster Roll List page, select the item you want to check the detailed information. Move to the Cluster Roll Detail page.
    • Selecting System Object View at the top of the list displays all items except Kubernetes object entries.
  5. Click each tab to check the service information.
Classification
Detailed Description
Cluster Role DeletionDelete cluster role
Detailed InformationPossible to check detailed information of cluster role
YAMLThe resource file of the cluster role can be modified in the YAML editor
  • Click the Edit button, modify the resource, and then click the Save button to apply the changes
EventCheck the event that occurred within the cluster role
Account InformationAccount name, location, creation time, etc., basic information about the Account can be checked
Metadata InformationCheck the metadata information of the cluster role
Policy Rule InformationCheck policy rule information for ClusterRole
  • Resources: List of resources to which the rule is applied
  • Non-Resource URLs: Set of non-resource URLs that users must access
    • * is allowed, but only as the final part of the path
    • Non-resource URLs are not namespaced, so this field is only applicable to ClusterRoles referenced by ClusterRoleBindings
    • Rules can be applied to either API resources (e.g. “pods” or “secrets”) or non-resource URL paths (e.g. “/api”), but not both
  • Resource Names: Resource names are an optional whitelist of names that the rule applies to. An empty set means everything is allowed
Table. Cluster Role Detailed Information Items

Deleting a Cluster Role

To delete a cluster role, follow this procedure.

  1. Click all services > Container > Kubernetes Engine menu. It moves to the Service Home page of Kubernetes Engine.
  2. On the Service Home page, click ClusterRole under the Authority menu. It moves to the ClusterRole list page.
  3. Cluster Role List page, select the cluster and namespace from the gear button at the top left, then click OK.
  4. Select the item to delete on the Cluster Role List page. It moves to the Cluster Role Detail page.
  5. Cluster Role Detail page, click Delete Cluster Role.
  6. When the Notification Confirmation Window appears, click the Confirm button.
Caution
On the cluster role list page, you can delete the selected cluster role by selecting the item you want to delete and clicking Delete.

Managing Cluster Role Bindings

You can create and manage cluster role bindings by connecting cluster roles and specific targets.

Creating Cluster Role Binding

To create a cluster role binding, follow these steps.

  1. Click all services > Container > Kubernetes Engine menu. It moves to the Service Home page of Kubernetes Engine.
  2. On the Service Home page, click ClusterRoleBinding under the Authority menu. It moves to the ClusterRoleBinding list page.
  3. Cluster Role Binding List page, select the cluster and namespace from the gear button at the top left, then click Create Object.
  4. Object Creation Popup에서 오브젝트 정보를 입력하고 Confirm 버튼을 클릭하세요.
Reference
For more information on cluster role binding, see Kubernetes official documentation > Using RBAC Authorization.

Check Cluster Role Binding Details

To check the cluster role binding details, follow the next procedure.

  1. Click all services > Container > Kubernetes Engine menu. It moves to the Service Home page of Kubernetes Engine.
  2. On the Service Home page, click ClusterRoleBinding under the Authority menu. It moves to the ClusterRoleBinding list page.
  3. Cluster Role Binding List page, select the cluster and namespace from the gear button at the top left, then click Confirm.
  4. On the Cluster Role Binding List page, select the item you want to check the detailed information. It moves to the Cluster Role Binding Detail page.
    • Selecting Show System Objects at the top of the list displays all items except Kubernetes object entries.
  5. Click each tab to check the service information.
Classification
Detailed Description
Cluster Role Binding DeletionDelete cluster role binding
Detailed InformationCheck the detailed information of the cluster role binding
YAMLThe resource file of ClusterRoleBinding can be modified in the YAML editor
  • Click the Edit button, modify the resource, and then click the Save button to apply the changes
EventCheck the event that occurred within the cluster role binding
Account InformationAccount name, location, creation time, etc., basic information about the Account can be checked
Metadata InformationCheck the metadata information of the cluster role binding
Role/Target InformationCheck the role and target information of the cluster role
Table. Cluster Role Binding Details Items

Deleting Cluster Role Binding

To delete a cluster role binding, follow these steps.

  1. Click all services > Container > Kubernetes Engine menu. It moves to the Service Home page of Kubernetes Engine.
  2. On the Service Home page, click ClusterRoleBinding under the Authority menu. It moves to the ClusterRoleBinding list page.
  3. Cluster Role Binding List page, select the cluster and namespace from the gear button at the top left, then click Confirm.
  4. Cluster Role Binding List page, select the item you want to delete. It moves to the Cluster Role Binding Details page.
  5. Cluster Role Binding Detail page, click Delete Cluster Role Binding.
  6. When the Notification Confirmation Window appears, click the Confirm button.
Caution
On the Cluster Role Binding list page, you can delete the selected Cluster Role Binding by selecting the item you want to delete and clicking Delete.

Managing Roles

A role is a set of rules that explicitly define permissions for a specific API or resource, and it can create and manage permissions that can only be accessed within the namespace to which the role belongs.

Create Role

To create a role, follow these steps.

  1. Click All services > Container > Kubernetes Engine menu. It moves to the Service Home page of Kubernetes Engine.
  2. On the Service Home page, click under the 권한 menu. It moves to the 롤 목록 page.
  3. Roll list page, select cluster and namespace from the gear button at the top left, then click Create Object.
  4. Object Creation Popup에서 오브젝트 정보를 입력하고 Confirm 버튼을 클릭하세요.
Reference
For more information on roles, see Kubernetes official documentation > Using RBAC Authorization.

Check Roll Details

To check the roll details, follow the next procedure.

  1. Click All services > Container > Kubernetes Engine menu. It moves to the Service Home page of Kubernetes Engine.
  2. On the Service Home page, click under the 권한 menu. It moves to the 롤 목록 page.
  3. On the Roll List page, select the cluster and namespace from the Gear button at the top left, then click OK.
  4. Role List page, select the item you want to check the detailed information. Move to the Role Detail page.
    • Selecting System Object View at the top of the list displays all items except Kubernetes object entries.
  5. Click each tab to check the service information.
Classification
Detailed Description
Role Deleteto delete a role
Detailed InformationCheck the detailed information of the roll
YAMLYou can modify the role’s resource file in the YAML editor
  • Click the Edit button, modify the resource, and then click the Save button to apply the changes
EventCheck the event that occurred in the roll
Account InformationAccount name, location, creation time, etc., basic information about the Account can be checked
Metadata InformationCheck the metadata information of the roll
Policy Rule InformationCheck the policy rule information of the role
  • Resources: List of resources to which the rule is applied
  • Non-Resource URLs: Non-resource URLs are a set of partial URLs that the user must access
    • * is allowed, but only as the final step in the path
    • Non-resource URLs are not namespaced, so this field is only applicable to ClusterRoles referenced by ClusterRoleBindings
    • Rules can be applied to either API resources (e.g. “pods” or “secrets”) or non-resource URL paths (e.g. “/api”), but not both
  • Resource Names: Resource names are an optional whitelist of names that the rule applies to, an empty set means everything is allowed
Table. Detailed information items of roles

Delete Role

To delete a role, follow these steps.

  1. Click All services > Container > Kubernetes Engine menu. It moves to the Service Home page of Kubernetes Engine.
  2. On the Service Home page, click under the 권한 menu. It moves to the 롤 목록 page.
  3. On the Roll List page, select the cluster and namespace from the gear button at the top left, then click OK.
  4. Select the item you want to delete from the Role List page. It moves to the Role Detail page.
  5. Role Details page, click Delete Role.
  6. When the Notification Confirmation Window appears, click the Confirm button.
Caution
On the roll list page, after selecting the item you want to delete, clicking Delete allows you to delete the selected roll.

Managing Roll Binding

You can create and manage role bindings by linking roles to specific targets.

Creating Roll Binding

To create a role binding, follow these steps.

  1. Click All services > Container > Kubernetes Engine menu. It moves to the Service Home page of Kubernetes Engine.
  2. On the Service Home page, click 롤바인딩 under the 권한 menu. It moves to the 롤바인딩 목록 page.
  3. Role Binding List page, select the cluster and namespace from the gear button at the top left, then click Create Object.
  4. Object Creation Popup에서 오브젝트 정보를 입력하고 확인 버튼을 클릭하세요.
Reference
For more information on RoleBinding, please refer to Kubernetes official documentation > Using RBAC Authorization.

Check Roll Binding Details

To check the details of the roll binding, follow the next procedure.

  1. Click all services > Container > Kubernetes Engine menu. It moves to the Service Home page of Kubernetes Engine.
  2. On the Service Home page, click 롤바인딩 under the 권한 menu. It moves to the 롤바인딩 목록 page.
  3. On the 롤바인딩 목록 page, select the cluster and namespace from the 톱니바퀴 button at the top left, then click 확인.
  4. On the Roll Binding List page, select the item you want to check the detailed information. It moves to the Roll Binding Details page.
    • Selecting Show System Objects at the top of the list displays all items except Kubernetes object entries.
  5. Click each tab to check the service information.
Classification
Detailed Description
Roll Binding DeleteDelete roll binding
Detailed InformationCheck the detailed information of roll binding
YAMLRollbinding’s resource file can be modified in YAML editor
  • Click the Edit button, modify the resource, and then click the Save button to apply the changes
EventCheck the event that occurred within the roll binding
Account InformationAccount name, location, creation time, etc., basic information about the Account can be checked
Metadata InformationCheck the metadata information of Roll Binding
Roll/Target InformationCheck the roll’s role and target information
Table. Rollbinding detailed information items

Deleting Roll Binding

To delete a role binding, follow these steps.

  1. Click all services > Container > Kubernetes Engine menu. It moves to the Service Home page of Kubernetes Engine.
  2. On the Service Home page, click 롤바인딩 under the 권한 menu. It moves to the 롤바인딩 목록 page.
  3. Rollbinding List page, select the cluster and namespace from the gear button at the top left, then click OK.
  4. Select the item to delete from the Roll Binding List page. It moves to the Roll Binding Details page.
  5. On the Roll Binding Details page, click Delete Roll Binding.
  6. When the Notification Confirmation Window appears, click the OK button.
Caution
On the Role Binding list page, after selecting the item you want to delete, clicking Delete allows you to delete the selected role binding.
Configuration Management