From 3300efdb9556671abd88a31f728ec38a39777126 Mon Sep 17 00:00:00 2001 From: Dan Ramich Date: Wed, 29 Aug 2018 14:04:30 -0700 Subject: [PATCH 1/2] Update _index.md --- .../en/admin-settings/rbac/default-custom-roles/_index.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/content/rancher/v2.x/en/admin-settings/rbac/default-custom-roles/_index.md b/content/rancher/v2.x/en/admin-settings/rbac/default-custom-roles/_index.md index 45bae9fcb9d..197f6aacd8c 100644 --- a/content/rancher/v2.x/en/admin-settings/rbac/default-custom-roles/_index.md +++ b/content/rancher/v2.x/en/admin-settings/rbac/default-custom-roles/_index.md @@ -22,6 +22,8 @@ While Rancher comes out-of-the-box with a set of default user roles, you can als 1. From the **Global** view, select **Security > Roles** from the main menu. + + 2. Click **Add Role**. 3. **Name** the role. @@ -29,7 +31,10 @@ While Rancher comes out-of-the-box with a set of default user roles, you can als 4. Choose whether to set the role to a status of [locked]({{< baseurl >}}/rancher/v2.x/en/admin-settings/rbac/locked-roles/). Locked roles cannot be assigned to users. - + 5. Assign the role a **Context**. Context determines the scope of role assigned to the user. The contexts are: - **All** From 4c2d970e5880234cb244670ea6c8c747f4554230 Mon Sep 17 00:00:00 2001 From: Mark Bishop Date: Thu, 6 Sep 2018 16:41:56 -0700 Subject: [PATCH 2/2] add version labels for default custom role option and UI change. --- .../rbac/default-custom-roles/_index.md | 29 +++++++++++++------ 1 file changed, 20 insertions(+), 9 deletions(-) diff --git a/content/rancher/v2.x/en/admin-settings/rbac/default-custom-roles/_index.md b/content/rancher/v2.x/en/admin-settings/rbac/default-custom-roles/_index.md index 197f6aacd8c..11caf489f34 100644 --- a/content/rancher/v2.x/en/admin-settings/rbac/default-custom-roles/_index.md +++ b/content/rancher/v2.x/en/admin-settings/rbac/default-custom-roles/_index.md @@ -22,20 +22,31 @@ While Rancher comes out-of-the-box with a set of default user roles, you can als 1. From the **Global** view, select **Security > Roles** from the main menu. - +1. **v2.0.7 and later only:** Select a tab to determine the scope of the roles you're adding. The tabs are: -2. Click **Add Role**. + - **Cluster** -3. **Name** the role. + The role is valid for assignment when adding/managing members to _only_ clusters. -4. Choose whether to set the role to a status of [locked]({{< baseurl >}}/rancher/v2.x/en/admin-settings/rbac/locked-roles/). + - **Project** + + The role is valid for assignment when adding/managing members to _only_ projects. + + >**Note:** You cannot edit the Global tab. + +1. Click **Add Cluster/Project Role**. + +1. **Name** the role. + +1. Choose whether to set the role to a status of [locked]({{< baseurl >}}/rancher/v2.x/en/admin-settings/rbac/locked-roles/). Locked roles cannot be assigned to users. - -5. Assign the role a **Context**. Context determines the scope of role assigned to the user. The contexts are: + +1. **v2.0.7 and later only:** Choose a **Cluster/Project Creator Default** option setting. Use this option to set if the role is assigned to a user when they create a new cluster or project. Using this feature, you can expand or restrict the default roles for cluster/project creators. + + >**Note:** Out of the box, the Cluster Creator Default and the Project Creator Default roles are `Cluster Owner` and `Project Owner` respectively. + +1. **v2.0.6 and earlier only:** Assign the role a **Context**. Context determines the scope of role assigned to the user. The contexts are: - **All**