RBAC Configuration

You must configure Kloudfuse to implement RBAC in your deployment.

Copy the following code in your custom-values.yaml file and make necessary edits.

The following sections outline the basic steps and provide examples on how to configure various components of RBAC.

To review general concepts, see Role-Based Access Control (RBAC).

Enable RBAC

The default RBAC policy is a fully-enabled RBAC, with full access.

To enable RBAC, add the following code to the <custom_values.yaml> file:

RBACEnabled: true
yaml

Default User Role

The default user role for new users in Kloudfuse is Editor.

Admins can change this setting in the UI for individual users. See Assign Roles.

To change the default assignment for new users to Viewer, use the following code to the <custom_values.yaml> file:

rbacDefaultUserRole: Viewer
yaml

Default Policy

Users who do not have a Policy assigned through the UI get a default level of access, depending on configuration:

default_rbac_policy: rbac_allow_all
yaml

To change the default policy for the various roles, use the following code to the <custom_values.yaml> file:

default_rbac_policy: rbac_allow_none
yaml

See Change a Policy to set the policy in the UI.