Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[docs] Update kubernetes.md #11694

Merged
merged 1 commit into from
Mar 9, 2022
Merged

[docs] Update kubernetes.md #11694

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions ...gabyte-platform/configure-yugabyte-platform/set-up-cloud-provider/kubernetes.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -100,15 +100,15 @@ Ensure that you have replaced the `namespace` from the commands with the correct

The tasks you can perform depend on your access level.

Global Admin can grant broad cluster level admin access by executing the following command:
**Global Admin** can grant broad cluster level admin access by executing the following command:

```sh
curl -s https://raw.githubusercontent.com/yugabyte/charts/master/rbac/platform-global-admin.yaml \
| sed "s/namespace: <SA_NAMESPACE>/namespace: <namespace>"/g \
| kubectl apply -n <namespace> -f -
```

Global Restricted can grant access to only the specific cluster roles to create and manage YugabyteDB universes across all the namespaces in a cluster using the following command:
**Global Restricted** can grant access to only the specific cluster roles to create and manage YugabyteDB universes across all the namespaces in a cluster using the following command:

```sh
curl -s https://raw.githubusercontent.com/yugabyte/charts/master/rbac/platform-global.yaml \
Expand All @@ -127,7 +127,7 @@ kubectl auth can-i \
{namespaces|poddisruptionbudgets|services|statefulsets|secrets|pods|pvc}
```

Namespace Admin can grant namespace-level admin access by using the following command:
**Namespace Admin** can grant namespace-level admin access by using the following command:

```sh
curl -s https://raw.githubusercontent.com/yugabyte/charts/master/rbac/platform-namespaced-admin.yaml \
Expand All @@ -146,7 +146,7 @@ kubectl auth can-i \
{poddisruptionbudgets|services|statefulsets|secrets|pods|pvc}
```

Namespace Restricted can grant access to only the specific roles required to create and manage YugabyteDB universes in a particular namespace. Contains Roles and RoleBindings for the required set of permissions.
**Namespace Restricted** can grant access to only the specific roles required to create and manage YugabyteDB universes in a particular namespace. Contains Roles and RoleBindings for the required set of permissions.

For example, if your goal is to allow the platform software to manage YugabyteDB universes in the namespaces `yb-db-demo` and `yb-db-us-east4-a` (the target namespaces), then you need to apply in both the target namespaces, as follows:

Expand Down