The Kubernetes Clusters rights bundle comprises of the rights required for managing Tanzu Kubernetes Grid clusters. By default, this right bundle is automatically published to all tenant users of VMware Cloud Director Container Service Extension.

Table 1. Rights included in Kubernetes Clusters Rights Bundle
Right
Allow Access to All Organization VDCs
Manage user's own API token
Manage Certificates Library
View Certificates Library
Administrator View
Create a Disk
Edit Disk Properties
View Disk Properties
Create a Shared Disk
Preserve All ExtraConfig Elements During OVF Import and Export
View Shared Catalogs from Other Organizations
View Gateway
NAT View Only
NAT Configure
Load Balancer View Only
Load Balancer Configure
View: VMWARE:VCDKECONFIG
View: VMWARE:CAPVCDCLUSTER
Edit VMWARE:CAPVCDCLUSTER
Full Control: VMWARE:CAPVCDCLUSTER
Administrator View: VMWARE:CAPVCDCLUSTER
Administrator Full Control: VMWARE:CAPVCDCLUSTER

The following IP Spaces rights are optional, and are only necessary when you want to leverage Gateways using IP Spaces. Service providers must manually add these rights to the Kubernetes Clusters Rights Bundle as they are not automatically added. For instructions, see View and Edit a Rights Bundle Using VMware Cloud Director.

Table 2. IP Spaces Rights
Right
View IP Spaces
Manage IP Spaces
Allocate IP Spaces

The following conditional rights are added only if they already exist in the system, as they are relevant to Kubernetes cluster management:

Table 3. Conditional Rights
Right
View: Tanzu Kubernetes Guest Cluster
Edit Tanzu Kubernetes Guest Cluster
Full Control: Tanzu Kubernetes Guest Cluster
Administrator View: Tanzu Kubernetes Guest Cluster
Administrator Full Control: Tanzu Kubernetes Guest Cluster
View: CSE:NATIVECLUSTER
Edit CSE:NATIVECLUSTER
Full Control: CSE:NATIVECLUSTER
Administrator View: CSE:NATIVECLUSTER
Administrator Full Control: CSE:NATIVECLUSTER