How to let another user access my kubernetes on IBM Bluemix?

9/4/2017

I created a kubernetes cluster under my user account on IBM Bluemix, and added another into my organization. But he can't see my cluster. Is there any other configure?

-- reachlin
ibm-cloud
ibm-cloud-kubernetes
iks
kubernetes

1 Answer

9/5/2017

To manage cluster access, see this link from the IBM Bluemix Container Service documentation. Summarised here:

Managing cluster access

You can grant access to your cluster to other users, so that they can access the cluster, manage the cluster, and deploy apps to the cluster.

Every user that works with IBM Bluemix Container Service must be assigned a service-specific user role in Identity and Access Management that determines what actions this user can perform. Identity and Access Management differentiates between the following access permissions.

  • IBM Bluemix Container Service access policies

Access policies determine the cluster management actions that you can perform on a cluster, such as creating or removing clusters, and adding or removing extra worker nodes.

  • Cloud Foundry roles

Every user must be assigned a Cloud Foundry user role. This role determines the actions that the user can perform on the Bluemix account, such as inviting other users, or viewing the quota usage. To review the permissions of each role, see Cloud Foundry roles.

  • RBAC roles

Every user who is assigned an IBM Bluemix Container Service access policy is automatically assigned an RBAC role. RBAC roles determine the actions that you can perform on Kubernetes resources inside the cluster. RBAC roles are set up for the default namespace only. The cluster administrator can add RBAC roles for other namespaces in the cluster. See Using RBAC Authorization in the Kubernetes documentation for more information.

-- Art Berger
Source: StackOverflow