How-to Grant Read-Only Access to the Kubernetes Dashboard
Problem
A read-only access role needs to be created for access to the Kubernetes Web UI (Dashboard).
Environment
- Platform9 Managed Kubernetes - All Versions
- Kubernetes Web UI (Dashboard)
Procedure
- Create a service account in the default or any other namespace of your choice.
- Create a cluster role with get, list, and watch verbs.
The above gives permission to all the resources; it can be modified accordingly.
- Create a clusterrolebinding for the above clusterrole and serviceaccount.
- Describe the serviceaccount resource (created above).
- Extract the token value from the secret specified for the serviceaccount resource (above output).
The token value may then be used to login to the Kubernetes Dashboard with read-only privileges.
Was this page helpful?