How to grant access to specify namespace in kubernetes dashboard?

Question

I have multiple namespace in my k8s cluster and user too. I deployed K8S dashboard, and now I want to grant access to namespace to specify user. EX: user A only access namespace A on dashboard user B is only access namespace B on dashboard.

Could anyone give some snippet config?

Thanks all.

score 4 · Accepted Answer · answered Feb 28 '20 at 06:33

4

Create a role and role binding as below and add the user to the specific group

(This is just an example config and you may not want to give your user full access to namespace)

---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
  name: example-ns-full-access
  namespace: example-ns
rules:
- apiGroups: [""]
  resources: ["*"]
  verbs: ["*"]
- apiGroups: ["extensions"]
  resources: ["*"]
  verbs: ["*"]

---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: example-rolebinding
  namespace: example-ns
subjects:
- kind: Group
  name: example-admins
  apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: Role
  name: example-ns-full-access
  apiGroup: rbac.authorization.k8s.io

answered Feb 28 '20 at 06:33

Tummala Dhanvi

3,007
2
19
35

Can we use Service account instead of Group or User? – Thanhvanptit Feb 28 '20 at 06:47
service account -> apps and role -> users – Tummala Dhanvi Feb 28 '20 at 06:50
@Thanhvanptit how you slove this problem , facing the same, can you help me with snippet config – Gaurav Agnihotri Nov 04 '20 at 13:21
1

I was able to use ServiceAccount instead of Groups and Users. – Daniel Andrzejewski Jun 22 '22 at 08:43

How to grant access to specify namespace in kubernetes dashboard?

1 Answers1