How-to Grant Read-Only Access to the Kubernetes Dashboard

Problem

A read-only access role needs to be created for access to the Kubernetes Web UI (Dashboard).

Environment

  • Platform9 Managed Kubernetes - All Versions
  • Kubernetes Web UI (Dashboard)

Procedure

  1. Create a service account in the default or any other namespace of your choice.
Copy
  1. Create a cluster role with get, list, and watch verbs.
Copy

The above gives permission to all the resources; it can be modified accordingly.

  1. Create a clusterrolebinding for the above clusterrole and serviceaccount.
Copy
  1. Describe the serviceaccount resource (created above).
Copy
  1. Extract the token value from the secret specified for the serviceaccount resource (above output).
Copy

The token value may then be used to login to the Kubernetes Dashboard with read-only privileges.

Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard