public/rancher-docs
1
0
Fork 0
mirror of https://github.com/rancher/rancher-docs.git synced 2026-05-07 13:43:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Sync Product PR #744 (Add security warning for Cluster Members on Cluster and Project Roles page)

Browse Source
This commit is contained in:
Billy Tat
2026-04-22 14:22:17 -07:00
parent dc25596ac3
commit 0c0d5992e0
6 changed files with 48 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md
+8 -2
View File
@@ -31,11 +31,17 @@ _Cluster roles_ are roles that you can assign to users, granting them access to
- **Cluster Owner:**
These users have full control over the cluster and all resources in it.
These users have full control over the cluster and all resources in it.
- **Cluster Member:**
These users can view most cluster level resources and create new projects.
These users can view most cluster level resources and create new projects.
:::warning
When a Cluster Member creates a project, the user is automatically assigned [Project Owner privileges](#project-roles). This grants them comprehensive control over the project and its associated resources, including permissions to deploy workloads. Without enforced [Pod Security Standards (PSS) and Pod Security Admission (PSA)](../pod-security-standards.md), a Cluster Member is able to execute privileged containers in the cluster.
:::
#### Custom Cluster Roles
versioned_docs/version-2.10/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md
+8 -2
View File
@@ -31,11 +31,17 @@ _Cluster roles_ are roles that you can assign to users, granting them access to
- **Cluster Owner:**
These users have full control over the cluster and all resources in it.
These users have full control over the cluster and all resources in it.
- **Cluster Member:**
These users can view most cluster level resources and create new projects.
These users can view most cluster level resources and create new projects.
:::warning
When a Cluster Member creates a project, the user is automatically assigned [Project Owner privileges](#project-roles). This grants them comprehensive control over the project and its associated resources, including permissions to deploy workloads. Without enforced [Pod Security Standards (PSS) and Pod Security Admission (PSA)](../pod-security-standards.md), a Cluster Member is able to execute privileged containers in the cluster.
:::
#### Custom Cluster Roles
versioned_docs/version-2.11/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md
+8 -2
View File
@@ -31,11 +31,17 @@ _Cluster roles_ are roles that you can assign to users, granting them access to
- **Cluster Owner:**
These users have full control over the cluster and all resources in it.
These users have full control over the cluster and all resources in it.
- **Cluster Member:**
These users can view most cluster level resources and create new projects.
These users can view most cluster level resources and create new projects.
:::warning
When a Cluster Member creates a project, the user is automatically assigned [Project Owner privileges](#project-roles). This grants them comprehensive control over the project and its associated resources, including permissions to deploy workloads. Without enforced [Pod Security Standards (PSS) and Pod Security Admission (PSA)](../pod-security-standards.md), a Cluster Member is able to execute privileged containers in the cluster.
:::
#### Custom Cluster Roles
versioned_docs/version-2.12/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md
+8 -2
View File
@@ -31,11 +31,17 @@ _Cluster roles_ are roles that you can assign to users, granting them access to
- **Cluster Owner:**
These users have full control over the cluster and all resources in it.
These users have full control over the cluster and all resources in it.
- **Cluster Member:**
These users can view most cluster level resources and create new projects.
These users can view most cluster level resources and create new projects.
:::warning
When a Cluster Member creates a project, the user is automatically assigned [Project Owner privileges](#project-roles). This grants them comprehensive control over the project and its associated resources, including permissions to deploy workloads. Without enforced [Pod Security Standards (PSS) and Pod Security Admission (PSA)](../pod-security-standards.md), a Cluster Member is able to execute privileged containers in the cluster.
:::
#### Custom Cluster Roles
versioned_docs/version-2.13/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md
+8 -2
View File
@@ -31,11 +31,17 @@ _Cluster roles_ are roles that you can assign to users, granting them access to
- **Cluster Owner:**
These users have full control over the cluster and all resources in it.
These users have full control over the cluster and all resources in it.
- **Cluster Member:**
These users can view most cluster level resources and create new projects.
These users can view most cluster level resources and create new projects.
:::warning
When a Cluster Member creates a project, the user is automatically assigned [Project Owner privileges](#project-roles). This grants them comprehensive control over the project and its associated resources, including permissions to deploy workloads. Without enforced [Pod Security Standards (PSS) and Pod Security Admission (PSA)](../pod-security-standards.md), a Cluster Member is able to execute privileged containers in the cluster.
:::
#### Custom Cluster Roles
versioned_docs/version-2.14/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md
+8 -2
View File
@@ -31,11 +31,17 @@ _Cluster roles_ are roles that you can assign to users, granting them access to
- **Cluster Owner:**
These users have full control over the cluster and all resources in it.
These users have full control over the cluster and all resources in it.
- **Cluster Member:**
These users can view most cluster level resources and create new projects.
These users can view most cluster level resources and create new projects.
:::warning
When a Cluster Member creates a project, the user is automatically assigned [Project Owner privileges](#project-roles). This grants them comprehensive control over the project and its associated resources, including permissions to deploy workloads. Without enforced [Pod Security Standards (PSS) and Pod Security Admission (PSA)](../pod-security-standards.md), a Cluster Member is able to execute privileged containers in the cluster.
:::
#### Custom Cluster Roles