View Cluster Role Details

Time updated：2025-12-22 09:26:17

This section describes how to view cluster role details.

Prerequisites

You need to join a cluster and have the Role Viewing permission in the cluster. For more information, see Cluster Members and Cluster Roles.

Steps

Log in to the KubeSphere web console with a user who has Role Viewing permissions and enter your cluster.
Click Cluster Settings > Cluster Roles in the left navigation pane.
In the cluster role list, click the name of a cluster role to open its details page.

On the cluster role details page, click the Permissions tab to view the permissions granted to the cluster role.

All cluster members can view cluster resource information. Permissions required for other operations are as follows:

Storage

Permission	Allowed Operations
Persistent Volume Claim Viewing	View Persistent Volume Claim list, view Persistent Volume Claim details, view Persistent Volume list, view Persistent Volume details.
Persistent Volume Claim Management	Create Persistent Volume Claim, clone Persistent Volume Claim, expand Persistent Volume Claim, edit Persistent Volume Claim information, edit Persistent Volume information, delete Persistent Volume Claim, delete Persistent Volume.
Storage Class Viewing	View Storage Class list, view Storage Class details.
Storage Class Management	Create Storage Class, set default Storage Class, enable and disable volume operations, edit Storage Class information, delete Storage Class.

Permission

Allowed Operations

Persistent Volume Claim Viewing

View Persistent Volume Claim list, view Persistent Volume Claim details, view Persistent Volume list, view Persistent Volume details.

Persistent Volume Claim Management

Create Persistent Volume Claim, clone Persistent Volume Claim, expand Persistent Volume Claim, edit Persistent Volume Claim information, edit Persistent Volume information, delete Persistent Volume Claim, delete Persistent Volume.

Storage Class Viewing

View Storage Class list, view Storage Class details.

Storage Class Management

Create Storage Class, set default Storage Class, enable and disable volume operations, edit Storage Class information, delete Storage Class.

Access Control

Parameter	Description
Role Viewing	View cluster role list, view cluster role details.
Member Viewing	View cluster member list.
Member Management	Invite users to join the cluster, modify cluster member roles, remove cluster members.

Parameter

Description

Role Viewing

View cluster role list, view cluster role details.

Member Viewing

View cluster member list.

Member Management

Invite users to join the cluster, modify cluster member roles, remove cluster members.

Projects

Permission	Allowed Operations
Project Viewing	View project list, view project details.
Project Management	Create project, edit project information, edit project annotations, edit project quotas, edit default container quotas, delete project.

Permission

Allowed Operations

Project Viewing

View project list, view project details.

Project Management

Create project, edit project information, edit project annotations, edit project quotas, edit default container quotas, delete project.

Cluster Resources

Permission	Allowed Operations
Node Viewing	View node list, view node details.
Node Management	Cordon and uncordon nodes, access node terminal, edit node taints, edit node labels.
Custom Resource Definition Viewing	View Custom Resource Definition list, view Custom Resource Definition details.
Custom Resource Definition Management	Edit Custom Resource, delete Custom Resource.

Permission

Allowed Operations

Node Viewing

View node list, view node details.

Node Management

Cordon and uncordon nodes, access node terminal, edit node taints, edit node labels.

Custom Resource Definition Viewing

View Custom Resource Definition list, view Custom Resource Definition details.

Custom Resource Definition Management

Edit Custom Resource, delete Custom Resource.

Cluster Settings

Permission	Allowed Operations
Cluster Settings Viewing	View cluster overview information, view cluster basic information, view cluster visibility.
Cluster Settings Management	Use cluster management functions, edit cluster basic information, edit cluster visibility.

Permission

Allowed Operations

Cluster Settings Viewing

View cluster overview information, view cluster basic information, view cluster visibility.

Cluster Settings Management

Use cluster management functions, edit cluster basic information, edit cluster visibility.

Application Workloads

Permission	Allowed Operations
Application Workloads Viewing	Workload Viewing: View workload list, view workload details. Job Viewing: View Job list, view Job details. Pod Viewing: View pod list, view pod details, view container details. Service Viewing: View Service list, view Service details. Ingress Viewing: View Ingress list, view Ingress details, access backend services of Ingress. Workload Template Viewing: View workload template list.
Application Workloads Management	Workload Management: Create workload, edit workload information, recreate workload, adjust pod replicas, stop workload, rollback workload settings, edit workload settings, delete workload. Job Management: Create Job, edit Job information, rerun Job, suspend CronJob, delete Job. Pod Management: Access container terminal, delete pod. Service Management: Create Service, edit Service information, edit Service settings, edit Service external access settings, delete Service. Ingress Management: Create Ingress, edit Ingress information, edit routing rules, edit Ingress annotations, delete Ingress. Workload Template Management: Create workload template, edit template settings, create workload from template, delete workload template.

Permission

Allowed Operations

Application Workloads Viewing

Workload Viewing: View workload list, view workload details.
Job Viewing: View Job list, view Job details.
Pod Viewing: View pod list, view pod details, view container details.
Service Viewing: View Service list, view Service details.
Ingress Viewing: View Ingress list, view Ingress details, access backend services of Ingress.
Workload Template Viewing: View workload template list.

Application Workloads Management

Workload Management: Create workload, edit workload information, recreate workload, adjust pod replicas, stop workload, rollback workload settings, edit workload settings, delete workload.
Job Management: Create Job, edit Job information, rerun Job, suspend CronJob, delete Job.
Pod Management: Access container terminal, delete pod.
Service Management: Create Service, edit Service information, edit Service settings, edit Service external access settings, delete Service.
Ingress Management: Create Ingress, edit Ingress information, edit routing rules, edit Ingress annotations, delete Ingress.
Workload Template Management: Create workload template, edit template settings, create workload from template, delete workload template.

Click the Authorized Users tab to view users who have the current cluster role.

Parameter	Description
Username	The name of the authorized user.
Status	The current status of the authorized user. Active: The user’s current status is normal. Pending: The system is creating the user. Disabled: The user is disabled by the platform administrator and cannot log in to the KubeSphere web console. Login Restricted: The user has failed to log in 10 consecutive times within 10 minutes and is prohibited from logging in to the KubeSphere web console for 10 minutes.
Last Login	The time when the authorized user last logged into the KubeSphere web console.

Parameter

Description

Username

The name of the authorized user.

Status

The current status of the authorized user.

Active: The user’s current status is normal.
Pending: The system is creating the user.
Disabled: The user is disabled by the platform administrator and cannot log in to the KubeSphere web console.
Login Restricted: The user has failed to log in 10 consecutive times within 10 minutes and is prohibited from logging in to the KubeSphere web console for 10 minutes.

Last Login

The time when the authorized user last logged into the KubeSphere web console.