https://rancher.com/ logo
Powered by
Title
g

gentle-eye-36337

03/03/2023, 10:33 PM
Hello 👋 I am attempting to make a very restricted 
read only
cluster role for team members. The only hangup I have is the monitoring page, only getting 
Resources Unavailable
. I do not want to add anyone to the 
System
project, and only managed though 
RoleTemplate
. Thoughts? Will post yaml to reply.
Untitled
Untitled
image.png
image.png
Adding this works, but it adds more things than I want this role to have. Not sure what config this is using for me to pull from lol
Ok the name is 
view
, so it has to be this?
yes it is, I see the clusterrolebinding being created when I add that role, which allows the links to work. Now to get only the row I want out of it
Ok figured it out. I made a copy of 
view
cluster role and removed what I wanted. I then created a new role template 
apiVersion: <http://management.cattle.io/v3|management.cattle.io/v3>
builtin: false
context: project
description: ""
displayName: Kubernetes view restricted
external: true
hidden: false
kind: RoleTemplate
metadata:
  name: view-restricted
I then set that to be inherited by my new role, and everything works how I want
#generalJoin Slack
Powered by