Create a role binding in the access policy for an object to specify permissions for a member or group.
Log in to the Tanzu Mission Control console, and then go to the Access page for the type of object for which you want to add a role binding, as described in View Your Access Policies.
- To edit the access policy for an object, you must be associated with the .admin role for that object.
- Navigate to the object whose access policy you want to add a role binding to, as described in View Your Access Policies.
- In the organizational view, select the object.
- Click the arrow next to the object name under Direct access policies.
- Click Create Role Binding.
- Select the role that you want to bind to an identity.
- Select the identity type that you want to bind.
- group can be any group you have defined for your organization in VMware Cloud Services.
- Kubernetes service account identifies a service account, and the namespace in which it is defined.
- Enter one or more identities, clicking Add after each identity.
- Click Save.
When you click Save, the new role binding is applied to the policy and is displayed on the Access page.
Example: Grant yourself access to your first cluster
- In the organizational view on the Access page, select your cluster.
- Click the arrow next to the cluster name under Direct access policies, and then click Create Role Binding.
- Select the cluster.admin role to grant administrative access to this cluster.
- Select the user type to grant access to individuals.
- Enter user IDs for yourself or your colleagues in the user identity field, clicking Add after each identity.
- Click Save.