Devtron K8s Dashboard
  • Getting Started
    • Overview of Dashboard
    • Prerequisites
    • Install Modern Kubernetes Dashboard
  • User Guide
    • Explore Kubernetes Resources
      • Overview Page
      • Discover and Manage Resources
      • Nodes and Operations
      • Pod Management and Debugging
      • Cluster Terminal
      • Add Monitoring Dashboards/Graphs
      • Run Kubectl Commands Locally
    • Use Resource Watcher
    • Manage Helm Apps
    • Manage Argo CD Apps
    • Manage Flux CD Apps
    • Chart Store
      • Examples
        • Deploying MySQL Helm Chart
        • Deploying MongoDB Helm Chart
  • Operator Guide
    • Projects
    • Clusters
    • OCI Registry
    • Chart Repositories
    • Manage Authorization (RBAC)
      • SSO Login Services
        • Google
        • GitHub
        • GitLab
        • Microsoft
        • LDAP
        • OIDC
          • Keycloak
          • Okta
        • OpenShift
      • User Permissions
      • Permission Groups
      • API Tokens
    • External Links
    • Catalog Framework
    • Charts and Chart Store
    • Show/Hide Argo CD App Listing
    • Show/Hide Flux CD App Listing
    • Configure GUI Schema for Manifests
    • Configure Lock Schema for Manifests
  • Resources
    • Glossary
    • FAQ
Powered by GitBook
On this page
  • Add Group
  • Helm Apps Permissions
  • Kubernetes Resources Permissions
  • Edit Permissions Group
  • Delete Permissions Group
Export as PDF
  1. Operator Guide
  2. Manage Authorization (RBAC)

Permission Groups

PreviousUser PermissionsNextAPI Tokens

Last updated 6 months ago

Using the Permission groups, you can assign a user to a particular group and a user inherits all the permissions granted to the group.

The advantage of the Permission groups is to define a set of privileges like create, edit, or delete for the given set of resources that can be shared among the users within the group.

The section for Specific permissions contains a drop-down list of all existing groups for which a user has an access. This is an optional field and more than one groups can be selected for a user.

Add Group

Go to Global Configurations → Authorization → Permissions groups → Add group.

Enter the Group Name and Description.

Helm Apps Permissions

In Helm Apps option, you can provide access to a group to manage permission for Helm apps deployed from Devtron or outside Devtron.

Provide the information in the following fields:

Dropdown
Description

Project

Select a project from the drop-down list to which you want to give permission to the group. You can select only one project at a time. Note: If you want to select more than one project, then click Add row.

Environment or cluster/namespace

Select the specific environment or all existing environments in default cluster from the drop-down list. Note: If you select all existing + future environments in default cluster option, then a user gets access to all the current environments including any new environment which gets associated with the application later.

Application

Select the specific application or all applications from the drop-down list corresponding to your selected Environments. Note: If All applications option is selected, then a user gets access to all the current applications including any new application which gets associated with the project later .

Role

  • View only

  • View & Edit

  • Admin

You can add multiple rows for Devtron app permission.

Once you have finished assigning the appropriate permissions for the groups, Click Save.

Kubernetes Resources Permissions

Only super admin users will be able to see Kubernetes Resources tab and provide permission to other users to access Resource Browser.

To provide Kubernetes resource permission, click Add permission.

On the Kubernetes resource permission, provide the information in the following fields:

Dropdown
Description

Cluster

Select a cluster from the drop-down list to which you want to give permission to the user. You can select only one cluster at a time. Note: To add another cluster, then click Add another.

Namespace

Select the namespace from the drop-down list.

API Group

Select the specific API group or All API groups from the drop-down list corresponding to the K8s resource.

Kind

Select the kind or All kind from the drop-down list corresponding to the K8s resource.

Resource name

Select the resource name or All resources from the drop-down list to which you want to give permission to the user.

Role

  • View

  • Admin

You can add multiple rows for Kubernetes resource permission.

Once you have finished assigning the appropriate permissions for the groups, Click Save.

Edit Permissions Group

You can edit the permission groups by clicking the downward arrow.

Edit the permission group.

Once you are done editing the permission group, click Save.

Delete Permissions Group

If you want to delete a particular permission group, click the delete icon.

You can either grant permission to a user group or specific permissions to manage access for:

Select one of the to which you want to give permission to the user:

In Kubernetes Resources option, you can provide permission to view, inspect, manage, and delete resources in your clusters from in Devtron. You can also create resources from Resource Browser.

Select one of the to which you want to give permission to the user and click Done:

Resource Browser
Helm Apps
Kubernetes Resources
roles
roles
User permissions
super-admin