diff --git a/docs/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md b/docs/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md index 8d4c6dd8ad9..47321abc2f3 100644 --- a/docs/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md +++ b/docs/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md @@ -31,11 +31,17 @@ _Cluster roles_ are roles that you can assign to users, granting them access to - **Cluster Owner:** - These users have full control over the cluster and all resources in it. + These users have full control over the cluster and all resources in it. - **Cluster Member:** - These users can view most cluster level resources and create new projects. + These users can view most cluster level resources and create new projects. + + :::warning + + When a Cluster Member creates a project, the user is automatically assigned [Project Owner privileges](#project-roles). This grants them comprehensive control over the project and its associated resources, including permissions to deploy workloads. Without enforced [Pod Security Standards (PSS) and Pod Security Admission (PSA)](../pod-security-standards.md), a Cluster Member is able to execute privileged containers in the cluster. + + ::: #### Custom Cluster Roles diff --git a/versioned_docs/version-2.10/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md b/versioned_docs/version-2.10/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md index 22aab5d5cac..314082c771e 100644 --- a/versioned_docs/version-2.10/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md +++ b/versioned_docs/version-2.10/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md @@ -31,11 +31,17 @@ _Cluster roles_ are roles that you can assign to users, granting them access to - **Cluster Owner:** - These users have full control over the cluster and all resources in it. + These users have full control over the cluster and all resources in it. - **Cluster Member:** - These users can view most cluster level resources and create new projects. + These users can view most cluster level resources and create new projects. + + :::warning + + When a Cluster Member creates a project, the user is automatically assigned [Project Owner privileges](#project-roles). This grants them comprehensive control over the project and its associated resources, including permissions to deploy workloads. Without enforced [Pod Security Standards (PSS) and Pod Security Admission (PSA)](../pod-security-standards.md), a Cluster Member is able to execute privileged containers in the cluster. + + ::: #### Custom Cluster Roles diff --git a/versioned_docs/version-2.11/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md b/versioned_docs/version-2.11/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md index 22aab5d5cac..314082c771e 100644 --- a/versioned_docs/version-2.11/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md +++ b/versioned_docs/version-2.11/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md @@ -31,11 +31,17 @@ _Cluster roles_ are roles that you can assign to users, granting them access to - **Cluster Owner:** - These users have full control over the cluster and all resources in it. + These users have full control over the cluster and all resources in it. - **Cluster Member:** - These users can view most cluster level resources and create new projects. + These users can view most cluster level resources and create new projects. + + :::warning + + When a Cluster Member creates a project, the user is automatically assigned [Project Owner privileges](#project-roles). This grants them comprehensive control over the project and its associated resources, including permissions to deploy workloads. Without enforced [Pod Security Standards (PSS) and Pod Security Admission (PSA)](../pod-security-standards.md), a Cluster Member is able to execute privileged containers in the cluster. + + ::: #### Custom Cluster Roles diff --git a/versioned_docs/version-2.12/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md b/versioned_docs/version-2.12/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md index c896b2ebf16..8136db0fd84 100644 --- a/versioned_docs/version-2.12/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md +++ b/versioned_docs/version-2.12/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md @@ -31,11 +31,17 @@ _Cluster roles_ are roles that you can assign to users, granting them access to - **Cluster Owner:** - These users have full control over the cluster and all resources in it. + These users have full control over the cluster and all resources in it. - **Cluster Member:** - These users can view most cluster level resources and create new projects. + These users can view most cluster level resources and create new projects. + + :::warning + + When a Cluster Member creates a project, the user is automatically assigned [Project Owner privileges](#project-roles). This grants them comprehensive control over the project and its associated resources, including permissions to deploy workloads. Without enforced [Pod Security Standards (PSS) and Pod Security Admission (PSA)](../pod-security-standards.md), a Cluster Member is able to execute privileged containers in the cluster. + + ::: #### Custom Cluster Roles diff --git a/versioned_docs/version-2.13/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md b/versioned_docs/version-2.13/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md index 8d4c6dd8ad9..47321abc2f3 100644 --- a/versioned_docs/version-2.13/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md +++ b/versioned_docs/version-2.13/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md @@ -31,11 +31,17 @@ _Cluster roles_ are roles that you can assign to users, granting them access to - **Cluster Owner:** - These users have full control over the cluster and all resources in it. + These users have full control over the cluster and all resources in it. - **Cluster Member:** - These users can view most cluster level resources and create new projects. + These users can view most cluster level resources and create new projects. + + :::warning + + When a Cluster Member creates a project, the user is automatically assigned [Project Owner privileges](#project-roles). This grants them comprehensive control over the project and its associated resources, including permissions to deploy workloads. Without enforced [Pod Security Standards (PSS) and Pod Security Admission (PSA)](../pod-security-standards.md), a Cluster Member is able to execute privileged containers in the cluster. + + ::: #### Custom Cluster Roles diff --git a/versioned_docs/version-2.14/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md b/versioned_docs/version-2.14/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md index 8d4c6dd8ad9..47321abc2f3 100644 --- a/versioned_docs/version-2.14/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md +++ b/versioned_docs/version-2.14/how-to-guides/new-user-guides/authentication-permissions-and-global-configuration/manage-role-based-access-control-rbac/cluster-and-project-roles.md @@ -31,11 +31,17 @@ _Cluster roles_ are roles that you can assign to users, granting them access to - **Cluster Owner:** - These users have full control over the cluster and all resources in it. + These users have full control over the cluster and all resources in it. - **Cluster Member:** - These users can view most cluster level resources and create new projects. + These users can view most cluster level resources and create new projects. + + :::warning + + When a Cluster Member creates a project, the user is automatically assigned [Project Owner privileges](#project-roles). This grants them comprehensive control over the project and its associated resources, including permissions to deploy workloads. Without enforced [Pod Security Standards (PSS) and Pod Security Admission (PSA)](../pod-security-standards.md), a Cluster Member is able to execute privileged containers in the cluster. + + ::: #### Custom Cluster Roles