Implicit RBAC grants in OpenShift Container Platform
- When a user creates a
volumeClaimTemplates, he can provision a
PersistentVolumeClaimeven if the user does not have the permission to create a
PersistentVolumeClaimobject. Why is this?
- Are there implicit grants for RBAC permissions for certain objects?
- As a user,
oc auth can-i create persistentvolumeclaimsreturns "no", but the user can still create
StatefulSet- why is this?
- OpenShift Container Platform 4
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.