Oc policy: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 8: Line 8:
==add-role-to-user==
==add-role-to-user==


Add an existing [[OpenShift_Security_Concepts#Role|role]] - by creating a [[OpenShift_Security_Concepts#Binding|binding]] - to [[OpenShift_Security_Concepts#User|users]] or [[OpenShift_Security_Concepts#Service_Account|service accounts]], for the current project, or, if '-n' is used, for the specified project:
Add a <font color=red>local</font> [[OpenShift_Security_Concepts#Role|role]] - by creating a [[OpenShift_Security_Concepts#Binding|binding]] - to [[OpenShift_Security_Concepts#User|users]] or [[OpenShift_Security_Concepts#Service_Account|service accounts]], for the current project, or, if '-n' is used, for the specified project:


  oc policy add-role-to-user <''role-name''> <''user-name''|''service-account-name''> [-n <''project-name''>]
  oc policy add-role-to-user <''role-name''> <''user-name''|''service-account-name''> [-n <''project-name''>]

Revision as of 17:56, 1 November 2017

Internal

Overview

Subcommands

add-role-to-user

Add a local role - by creating a binding - to users or service accounts, for the current project, or, if '-n' is used, for the specified project:

oc policy add-role-to-user <role-name> <user-name|service-account-name> [-n <project-name>]
oc policy add-role-to-user view system:serviceaccount:monitored-project:monitor-agent

add-role-to-group

oc policy add-role-to-group view system:serviceaccounts -n <some-project>