From b44ad6143f3a663cc579646d9f5b600cd6577938 Mon Sep 17 00:00:00 2001 From: Jake Angerman Date: Tue, 8 Mar 2022 14:19:23 -0500 Subject: [PATCH] Update kubernetes.md make service account access levels easier to read --- .../set-up-cloud-provider/kubernetes.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/content/latest/yugabyte-platform/configure-yugabyte-platform/set-up-cloud-provider/kubernetes.md b/docs/content/latest/yugabyte-platform/configure-yugabyte-platform/set-up-cloud-provider/kubernetes.md index 3cd0b39911cd..b5955bedc326 100644 --- a/docs/content/latest/yugabyte-platform/configure-yugabyte-platform/set-up-cloud-provider/kubernetes.md +++ b/docs/content/latest/yugabyte-platform/configure-yugabyte-platform/set-up-cloud-provider/kubernetes.md @@ -100,7 +100,7 @@ Ensure that you have replaced the `namespace` from the commands with the correct The tasks you can perform depend on your access level. -Global Admin can grant broad cluster level admin access by executing the following command: +**Global Admin** can grant broad cluster level admin access by executing the following command: ```sh curl -s https://raw.githubusercontent.com/yugabyte/charts/master/rbac/platform-global-admin.yaml \ @@ -108,7 +108,7 @@ curl -s https://raw.githubusercontent.com/yugabyte/charts/master/rbac/platform-g | kubectl apply -n -f - ``` -Global Restricted can grant access to only the specific cluster roles to create and manage YugabyteDB universes across all the namespaces in a cluster using the following command: +**Global Restricted** can grant access to only the specific cluster roles to create and manage YugabyteDB universes across all the namespaces in a cluster using the following command: ```sh curl -s https://raw.githubusercontent.com/yugabyte/charts/master/rbac/platform-global.yaml \ @@ -127,7 +127,7 @@ kubectl auth can-i \ {namespaces|poddisruptionbudgets|services|statefulsets|secrets|pods|pvc} ``` -Namespace Admin can grant namespace-level admin access by using the following command: +**Namespace Admin** can grant namespace-level admin access by using the following command: ```sh curl -s https://raw.githubusercontent.com/yugabyte/charts/master/rbac/platform-namespaced-admin.yaml \ @@ -146,7 +146,7 @@ kubectl auth can-i \ {poddisruptionbudgets|services|statefulsets|secrets|pods|pvc} ``` -Namespace Restricted can grant access to only the specific roles required to create and manage YugabyteDB universes in a particular namespace. Contains Roles and RoleBindings for the required set of permissions. +**Namespace Restricted** can grant access to only the specific roles required to create and manage YugabyteDB universes in a particular namespace. Contains Roles and RoleBindings for the required set of permissions. For example, if your goal is to allow the platform software to manage YugabyteDB universes in the namespaces `yb-db-demo` and `yb-db-us-east4-a` (the target namespaces), then you need to apply in both the target namespaces, as follows: