As part of this role's workflow, a set of Cluster Roles and Cluster Bindings are deployed and ready to use. The intent is to provide a default set of roles that only require the authorization system to supply the user's groups. Because they are defined as Cluster Roles, you can bind them at the cluster level, the namespace level, or both.
A minimum-access-required principle has been adopted in the creation of these roles. The roles are designed for those who would access or use the cluster (an end user).


All deployed ClusterRoles include the labels authorization/description and authorization/target, which explain their intended purpose and where they are recommended for binding.

Currently the following roles are deployed as part of this Ansible role:

  • authorization:namespace:read

    Full read access to all objects except secrets

  • authorization:full

    Full read/write access to all objects including secrets

  • authorization:namespace:owner

    Full read/write access to all objects including secrets

  • authorization:cluster:view-metrics

    View node and pod metrics

  • ToDo-#6 authorization:cluster:admin

    Configure the cluster; this does not include anything that can be deployed.
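
The two binding scopes described above, shown as an added example that is not part of this collection's own files. The namespace `team-a`, the binding names and the group names are constructed placeholders, and binding the metrics role cluster-wide is an assumption based on its name.

```yaml
# Added example. Namespace, binding names and group names are constructed.
# Namespace-scoped grant: a RoleBinding that references a ClusterRole applies
# that role's rules only inside the RoleBinding's own namespace.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: team-a-readers
  namespace: team-a
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: authorization:namespace:read
subjects:
  - apiGroup: rbac.authorization.k8s.io
    kind: Group
    name: team-a-readers      # group exactly as the authorization system reports it
---
# Cluster-wide grant: a ClusterRoleBinding applies the role in every namespace
# and to cluster-scoped objects such as nodes.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: metrics-viewers
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: authorization:cluster:view-metrics
subjects:
  - apiGroup: rbac.authorization.k8s.io
    kind: Group
    name: metrics-viewers     # constructed group name
# To confirm the read role keeps secrets out of reach, impersonate a member
# of the bound group (user name is constructed):
#   kubectl auth can-i get secrets --namespace team-a \
#     --as=example-user --as-group=team-a-readers
# and repeat the check in a namespace that has no binding for the group.
```

Binding authorization:full or authorization:namespace:owner the same way through a RoleBinding keeps their secret access confined to the one namespace.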


This page forms part of our Project Kubernetes Ansible Collection.

Page Metadata
Version: ToDo: place files short git commit here
Date Created: 2023-10-29
Date Edited: 2024-03-13

