This section describes how to create a platform role.

The KubeSphere platform provides the following built-in platform roles. You can also create roles to customize role permissions.

| Parameter | Description |
| --- | --- |
| platform-admin | Platform administrator, who has all permissions on the KubeSphere platform, including platform role management, user management, cluster and workspace management, extension management, etc. |
| platform-regular | Platform regular user, who cannot access any resources before being invited to a workspace. This role is generally granted to workspace members who do not require other platform permissions. |
| platform-self-provisioner | Create a workspace and become the administrator of the created workspace. |

Prerequisites

You need to have the platform-admin role on the KubeSphere platform. For more information, see Users and Platform Roles.

Steps

  1. Log in to the KubeSphere web console with a user who has the platform-admin role.

  2. Click Users and Roles Management.

  3. In the left navigation pane, select Platform Roles.

  4. On the page, click Create.

  5. In the Create Platform Role dialog box, set the name, alias, and description of the platform role, and then click Edit Permissions.

    | Parameter | Description |
    | --- | --- |
    | Name | The name of the platform role. The name can only contain lowercase letters, numbers, and hyphens (-), must start and end with a lowercase letter or number, and can be up to 63 characters long. |
    | Alias | The alias of the platform role. Different workspace roles can have the same alias. |
    | Description | The description of the platform role. The description can contain any characters and can be up to 256 characters long. |

  6. In the Edit Permissions dialog box, set the permissions for the platform role, and then click OK.

    The permissions that can be set for a platform role are as follows:

    • App Store Management

      | Permission | Allowed Operations |
      | --- | --- |
      | App Store Management | Manage the App Store on the KubeSphere platform, such as app review, release, removal, etc. |

    • Workspace

      | Permission | Allowed Operations |
      | --- | --- |
      | Workspace Creation | Create a workspace. |
      | Workspace Management | Manage all workspaces and resources within workspaces. |
      | Workspace Viewing | View all workspaces and resources within workspaces. |

    • Cluster Management

      | Permission | Allowed Operations |
      | --- | --- |
      | Cluster Management | Create clusters, delete clusters, and manage all resources within clusters. |
      | Cluster Viewing | View all clusters and cluster resources. |

    • Access Control

      | Permission | Allowed Operations |
      | --- | --- |
      | Role Viewing | View the platform role list and view platform role details. |
      | User Viewing | View the user list and view user details. |
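
The following pre-creation check is an added example, not part of the KubeSphere documentation or code. It applies the name and description limits from step 5 and flags the permissions from step 6 whose descriptions allow changes, so a proposed role can be reviewed for least privilege before it is created; the function name `review_role` and the sample inputs are assumptions made for illustration.

```python
import re

# Name rule from step 5: lowercase letters, digits and hyphens,
# a letter or digit at both ends, at most 63 characters.
NAME_RE = re.compile(r"[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?")
MAX_DESCRIPTION = 256  # description limit from step 5

# Permissions listed in step 6, split by what their descriptions allow.
VIEW_ONLY = {"Workspace Viewing", "Cluster Viewing", "Role Viewing", "User Viewing"}
MODIFYING = {"App Store Management", "Workspace Creation",
             "Workspace Management", "Cluster Management"}


def review_role(name, description, permissions):
    """Return (errors, warnings) for a proposed platform role.

    errors   -> input that breaks a rule stated on this page, or a
                permission that is not listed on this page.
    warnings -> listed permissions that allow changes, for review.
    """
    errors, warnings = [], []
    if not NAME_RE.fullmatch(name):
        errors.append(f"invalid name: {name!r}")
    if len(description) > MAX_DESCRIPTION:
        errors.append(
            f"description is {len(description)} characters, limit is {MAX_DESCRIPTION}")
    for perm in permissions:
        if perm in MODIFYING:
            warnings.append(f"{perm} allows changes")
        elif perm not in VIEW_ONLY:
            errors.append(f"unknown permission: {perm!r}")
    return errors, warnings


if __name__ == "__main__":
    # Constructed sample proposals, not real roles from any deployment.
    proposals = [
        ("auditor-ro", "Read-only auditor", ["Cluster Viewing", "User Viewing"]),
        ("Ops_Admin", "Operations", ["Cluster Management", "Workspace Viewing"]),
    ]
    for name, description, permissions in proposals:
        errors, warnings = review_role(name, description, permissions)
        print(name, "errors:", errors, "warnings:", warnings)
```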