Managing Profiles

In this article, we discuss several options when manipulating profiles; specifically, we will cover deploying a profile, managing the different bindings, and demonstrate how to delete a profile.

Deploy a Profile

In the RBAC Profile tab, users can deploy a profile by clicking on the radio button to select the specific profile name, then click on the Deploy button. This opens a new window where we can review the profile summary, the name of the cluster it will be applied to, and the number of roles that will be applied. Next, select the cluster to apply the profile to. And finally, click the Deploy button again to implement the change.

Note that we can also click on Show Impact Analysis button to show what effect the change will have.

Managing Bindings

Profile bindings work in a similar way to Kubernetes Role and Cluster bindings. Roles and ClusterRoles objects specifically define the rules that reflect a permission set. The difference between the two objects is that Roles define permissions within a namespace, while ClusterRoles provide access across all namespaces within a cluster. The RoleBindings and ClusterRoleBindings are objects that allocate those permission sets to a user or group. In essence, permissions are linked to roles, and users are then assigned to pertinent roles.

A Profiles Binding represents the cluster as an object that provides a set of permissions from the Profile, it is 'bound'. The Profile is bound to a Cluster.

Delete a Profile

To delete a profile, simply select the Profile, and click the delete icon.

A pop-up will appear asking you to confirm your choice.

Click the Confirm button to remove the profile.