From fc6da9f79aa8c2198ceed74091db15a551e576dc Mon Sep 17 00:00:00 2001 From: Karl Cardenas Date: Mon, 11 Dec 2023 09:48:29 -0700 Subject: [PATCH 1/2] docs: update kubeconfig behavior PEM-4198 --- docs/docs-content/clusters/cluster-management/kubeconfig.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/docs-content/clusters/cluster-management/kubeconfig.md b/docs/docs-content/clusters/cluster-management/kubeconfig.md index 5028f64414..f36c93c2b5 100644 --- a/docs/docs-content/clusters/cluster-management/kubeconfig.md +++ b/docs/docs-content/clusters/cluster-management/kubeconfig.md @@ -36,7 +36,7 @@ Palette exposes kubeconfig files for each cluster deployed through the platform. Your assigned [Palette permissions](../../user-management/palette-rbac/project-scope-roles-permissions.md) determine which clusters you can access and what operations you can perform on the cluster. The permissions assigned to you in Palette determine if you can download and access the kubeconfig files for a cluster. -As a rule of thumb, users with the Palette role [*Cluster Admin*](../../user-management/palette-rbac/project-scope-roles-permissions#cluster) can access both kubeconfig files for all clusters in the project. Users with lower-level project roles such as the *Cluster Editor* or the *Cluster Viewer* may not be able to access the kubeconfig file of the cluster. +As a rule of thumb, users with the Palette role [*Cluster Admin*](../../user-management/palette-rbac/project-scope-roles-permissions#cluster) can access the admin kubeconfig files for all clusters in the project. Users with lower-level project roles such as the *Cluster Editor* or the *Cluster Viewer* may not be able to access the kubeconfig file of the cluster. @@ -75,7 +75,7 @@ The following table shows the *Cluster Admin* role or equivalent provides access **Is OIDC Configured?** | **Is Spectro Proxy Enabled?** | **Access to Kubeconfig File** | **Access to Admin Kubeconfig File** | --- | --- | --- | --- | Yes | Yes | ✅ | ✅ | -No | Yes| ✅ | ✅ | +No | Yes| ❌ | ✅ | Yes | No | ✅ | ✅ | ### Non-Cluster Admin From aa91be6bcf8a8463bf4bae7fa9ab12183619b854 Mon Sep 17 00:00:00 2001 From: Karl Cardenas Date: Mon, 11 Dec 2023 10:51:37 -0700 Subject: [PATCH 2/2] Update docs/docs-content/clusters/cluster-management/kubeconfig.md Co-authored-by: Rita Watson <117382432+ritawatson@users.noreply.github.com> --- docs/docs-content/clusters/cluster-management/kubeconfig.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/docs-content/clusters/cluster-management/kubeconfig.md b/docs/docs-content/clusters/cluster-management/kubeconfig.md index f36c93c2b5..a7673025a3 100644 --- a/docs/docs-content/clusters/cluster-management/kubeconfig.md +++ b/docs/docs-content/clusters/cluster-management/kubeconfig.md @@ -36,7 +36,7 @@ Palette exposes kubeconfig files for each cluster deployed through the platform. Your assigned [Palette permissions](../../user-management/palette-rbac/project-scope-roles-permissions.md) determine which clusters you can access and what operations you can perform on the cluster. The permissions assigned to you in Palette determine if you can download and access the kubeconfig files for a cluster. -As a rule of thumb, users with the Palette role [*Cluster Admin*](../../user-management/palette-rbac/project-scope-roles-permissions#cluster) can access the admin kubeconfig files for all clusters in the project. Users with lower-level project roles such as the *Cluster Editor* or the *Cluster Viewer* may not be able to access the kubeconfig file of the cluster. +As a rule, users with the Palette role [*Cluster Admin*](../../user-management/palette-rbac/project-scope-roles-permissions#cluster) can access the admin kubeconfig files for all clusters in the project. Users with lower-level project roles such as the *Cluster Editor* or the *Cluster Viewer* may not be able to access the kubeconfig file of the cluster.