All cluster members can view basic information about the cluster. The permissions required for other operations are as follows:
Storage
Permission Operations Allowed Persistent Volume Claim Viewing
View persistent volume claim list, view persistent volume claim details, view persistent volume list, view persistent volume details.
Persistent Volume Claim Management
Create persistent volume claim, clone persistent volume, expand persistent volume, edit persistent volume claim information, edit persistent volume information, delete persistent volume claim, delete persistent volume.
Storage Class Viewing
View storage class list, view storage class details.
Storage Class Management
Create storage class, set default storage class, enable and disable volume operations, edit storage class information, delete storage class.
Access Control
Parameter Description Role Viewing
View cluster role list, view cluster role details.
Member Viewing
View cluster member list.
Member Management
Invite users to join the cluster, change cluster member roles, remove cluster members.
Project
Permission Operations Allowed Project Viewing
View project list, view project details.
Project Management
Create project, edit project information, edit project annotations, edit project quotas, edit default container quotas, delete project.
Cluster Resources
Permission Operations Allowed Node View
View node list, view node details.
Node Management
Prevent and allow pod scheduling to nodes, access node terminal, edit node taints, edit node labels.
Custom Resource Definition Viewing
View custom resource definition list, view custom resource definition details.
Custom Resource Definition Management
Edit custom resources, delete custom resources.
Cluster Settings
Permission Operations Allowed Cluster Settings View
View cluster overview, view cluster basic information, view cluster visibility.
Cluster Settings Management
Use cluster management features, edit cluster basic information, edit cluster visibility.
Application Workloads
Permission Operations Allowed Application Workload Viewing
Workload View: View workload list, view workload details.
Job View: View job list, view job details.
Pod View: View pod list, view pod details, view container details.
Service View: View service list, view service details.
Application Workload Management
Workload Management: Create workload, edit workload information, recreate workload, adjust pod replica count, stop workload, rollback workload settings, edit workload settings, delete workload.
Job Management: Create job, edit job information, rerun job, pause scheduled job, delete job.
Pod Management: Access container terminal, delete pod.
Service Management: Create service, edit service information, edit service settings, edit service external access settings, delete service.
Previous
