Use Tanzu Mission Control to edit the custom roles created for your organization.
As an administrator, you can create custom roles to meet the needs of your organization. After a role has been created, you cannot modify the name or visibility of the role, but you can edit the permissions and rules that it contains.
- To edit or create a custom role, you must be associated with the orginization.admin role for the organization.
Log in to the Tanzu Mission Control console, and then go to the Administration page.
- On the Administration page in the Tanzu Mission Control console, click the Roles tab.
- Click on the custom role you want to modify.
You cannot modify the Tanzu built-in roles.
- On the custom role detail page, click Actions (on the top right of the page), and then choose Edit from the dropdown.
- You can optionally edit the description.
- Edit the permissions you want to include by selecting or deselecting the appropriate checkboxes.
To view permissions that are not already included, click the Hide unselected permissions toggle.
- Edit the Kubernetes RBAC rules as necessary.
- To remove a rule, click its delete icon.
- To add a new rule, enter the parameters and then click Add Rule.
- To change an existing rule, click to adjust the parameters.
- You can optionally click Deprecate to toggle the prevention of new role bindings from using the custom role.
This action is helpful when you are preparing to remove a role from your organization.
- Click Save.