Impersonating cluster-admin within APPUiO Zone
- Source
-
APPUiO Zone administrator
- Stimulus
-
Impersonating as
cluster-admin(built-in OpenShift role) - Environment
-
Any APPUiO Zone
- Artifact
-
kubectlandoc - Response
-
Operation requiring elevated privilege granted
- Response measure
-
Operation is granted with the
--as cluster-adminCLI flag - Rationale
-
In OpenShift, certain operations (for example installing Operators) require elevated privileges. Pre-defined users or groups are given the
cluster-adminrole in order to maintain the APPUiO Zone or provide technical support for customers.
This is similar to sudo in Linux.
|