public/rancher-docs
1
0
Fork 0
mirror of https://github.com/rancher/rancher-docs.git synced 2026-05-06 05:03:27 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
e735be11b9d92d91fcaef0ce6d857a201f8803ba
rancher-docs/versioned_docs/version-2.6/pages-for-subheaders/manage-role-based-access-control-rbac.md
T
Marty Hernandez Avedon 3a4b7e73c0 #766 Consistently using verbs in titles (#1038) 
* gerundify Configuration for Storage Classes in Azure

* gerundify Authentication Config

* gerundify Bootstrap Password

* gerundify and disambiguate manage-PSP

* gerundify and disambiguate create-PSP

* syncing? Syncing what?

* updating label for Configure OpenLDAP

* updating label for authentication config

* updating label for configuring microsoft ad and shibboleth (saml)

* updating label for configuring microsoft ad and shibboleth (saml) in sidebars (last commit covered versioned docs)

* label + title for one of several sets of pages entitled role-based access control

* gerundify Upgrade a Hardened Custom/Imported Cluster to Kubernetes v1.25

* re-order title of Certificate Troubleshooting so verb comes first

* added 'about' to title because the page is about drivers that provision, not how to provision a driver

* template enforcement > enforcing templates

* update label to match title - deploy > deploying

* updated label to matach title - manage clusters > cluster administration

* gerundify set up in infrastructure setup section

* typo fix - spacing

* matching label to title - launch > launching

* label matching title - set up part 2

* label matching title - windows clusters

* how to configure > configuring

* using > launching (partially matches label to title)

* ingress config > configging an ingress

* match label to title - project administration

* match label to title - project resource quotas

* match title to label - monitoring/alerting guides

* matching label to title - enabling

* gerundify allow unsupported storage drivers

* Update openapi/swagger.json

* lost metadata syntax re-applied

* Apply suggestions from code review
2024-01-11 12:49:32 -05:00

1.6 KiB
Raw Blame History

title
title
Managing Role-Based Access Control (RBAC)
<head> </head>

Within Rancher, each person authenticates as a user, which is a login that grants you access to Rancher. As mentioned in Authentication, users can either be local or external.

After you configure external authentication, the users that display on the Users page changes.

  • If you are logged in as a local user, only local users display.

  • If you are logged in as an external user, both external and local users display.

Users and Roles

Once the user logs in to Rancher, their authorization, or their access rights within the system, is determined by global permissions, and cluster and project roles.

  • Global Permissions:

    Define user authorization outside the scope of any particular cluster.

  • Cluster and Project Roles:

    Define user authorization inside the specific cluster or project where they are assigned the role.

Both global permissions and cluster and project roles are implemented on top of Kubernetes RBAC. Therefore, enforcement of permissions and roles is performed by Kubernetes.

Reference in New Issue View Git Blame Copy Permalink