How to Create New Roles for Managing Users and Groups in OpenShift
Issue
- As OCP 3.3 administrators, we would like to create a new role (such as a new project admin role, but with less authorization).
- We would like this role to enable users to have the same bindings as a project admin, but with no possibility to delete his project, and with no possibility to create a new project.
- Could you please explain us how we could create a new role (based on the "admin" role for instance), and configure the bindings to set the authorizations defined above ?
- How to create or extend existing clusterroles, project roles, rolebindings, or clusterrolebindings?
Environment
- Red Hat OpenShift Container Platform
- 3.3, 3.4, 3.5
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.