[enterprise-4.11] Issue in file operators/admin/olm-creating-policy.adoc #51078
Labels
lifecycle/frozen
Indicates that an issue or PR should not be auto-closed due to staleness.
Comments
|
Issues go stale after 90d of inactivity. Mark the issue as fresh by commenting If this issue is safe to close now please do so with /lifecycle stale |
openshift-ci
bot
added
the
lifecycle/stale
|
/remove-lifecycle stale |
openshift-ci
bot
removed
the
lifecycle/stale
|
Issues go stale after 90d of inactivity. Mark the issue as fresh by commenting If this issue is safe to close now please do so with /lifecycle stale |
openshift-ci
bot
added
the
lifecycle/stale
|
/lifecycle frozen |
openshift-ci
bot
added
lifecycle/frozen
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Which section(s) is the issue in?
Allowing non-cluster administrators to install Operators
What needs fixing?
The title of the section is misleading. The instructions there do not grant any permission to any user or group. They are about limiting permissions to an application, that is, to an operator. Operators run, by default, with full cluster administator privileges and these instructions show how to run an operator with more restrictive privileges.
Though runnig operators with limited privileges is necessary for the use case stated in the title, else "regular" users could use operators to escalate their own privileges, I cannot see instructions on how to enable non-cluster administrator users to install operators nor how the ensure these users can only run operators under restricted privileges.
The text was updated successfully, but these errors were encountered: