This section describes how to create a project role.

Prerequisites

You need to join a project and have the Role Management permission in the project. For more information, see Project Members and Project Roles.

Steps

  1. Log in to the KubeSphere web console with a user who has Role Management permissions and enter your workspace.

  2. Click Project Management > Project Role in the left navigation pane.

  3. Select a project from the drop-down list in the upper left corner of the page.

  4. Click Create on the page.

  5. In the Create Project Role dialog box, set the name, alias, and description for the project role, then click Edit Permissions.

    Parameter Description

    Name

    The name of the project role. The name can only contain lowercase letters, numbers, and hyphens (-), must start and end with a lowercase letter or number, and can be up to 63 characters long.

    Alias

    The alias of the project role. Aliases for different project roles can be the same.

    Description

    The description information of the project role. The description can contain any characters and has a maximum length of 256 characters.

  6. In the Edit Permissions dialog box, set the permissions for the project role, then click OK.

    • Storage

      Permission Allowed Operations

      Persistent Volume Claim Management

      Create Persistent Volume Claims, clone persistent volumes, expand persistent volumes, edit Persistent Volume Claim information, delete Persistent Volume Claims.

      Persistent Volume Claim View

      View Persistent Volume Claim list, view Persistent Volume Claim details.

    • Configuration

      Permission Allowed Operations

      ConfigMap Management

      Create ConfigMaps, edit ConfigMap information, edit ConfigMap settings, delete ConfigMaps.

      ConfigMap View

      View ConfigMap list, view ConfigMap details.

      Secret Management

      Create Secrets, edit Secret information, edit Secret settings, delete Secrets.

      Secret View

      View Secret list, view Secret details.

      Service Account Management

      Create Service Accounts, edit Service Account information, modify Service Account roles, delete Service Accounts.

      Service Account View

      View Service Account list, view Service Account details.

    • Application Workloads

      Permission Allowed Operations

      Application Workloads Management

      Manage resources such as applications, services, workloads, and Jobs within the project.

      Application Workloads View

      View resources such as applications, services, workloads, and Jobs within the project.

    • Applications

      Permission Allowed Operations

      Application Instance Management

      Install applications from application templates, install applications from the App Store, delete applications.

      Application Instance View

      View application list, view application details based on templates.

    • Access Control

      Permission Allowed Operations

      Role View

      View project role list, view project role details.

      Member View

      View project member list.