openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
enterprise-4.21
openshift-docs/cli_reference/rosa_cli/rosa-cli-permission-examples.adoc
mletalie 2906f15e35 CLI tools update
2025-09-17 00:56:10 +00:00

37 lines
2.3 KiB
Plaintext
Raw Permalink Blame History

:_mod-docs-content-type: ASSEMBLY
include::_attributes/attributes-openshift-dedicated.adoc[]
[id="rosa-cli-permission-examples"]
= Least privilege permissions for ROSA CLI commands
:context: rosa-cli-permission-examples
toc::[]
You can create roles with permissions that adhere to the principal of least privilege, in which the users assigned the roles have no other permissions assigned to them outside the scope of the specific action they need to perform. These policies contain only the minimum required permissions needed to perform specific actions by using the {rosa-cli-first}.
[IMPORTANT]
====
Although the policies and commands presented in this topic will work in conjunction with one another, you might have other restrictions within your AWS environment that make the policies for these commands insufficient for your specific needs. Red{nbsp}Hat provides these examples as a baseline, assuming no other AWS Identity and Access Management (IAM) restrictions are present.
====
// Omitting from HCP build until BM gets to review
// [NOTE]
// ====
// The examples listed cover several of the most common ROSA CLI commands. For more information regarding ROSA CLI commands, see xref:../../cli_reference/rosa_cli/rosa-manage-objects-cli.adoc#rosa-common-commands_rosa-managing-objects-cli[Common commands and arguments].
// ====
For more information about configuring permissions, policies, and roles in the AWS console, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html[AWS Identity and Access Management] in the AWS documentation.
// include::modules/rosa-cli-hcp-classic-examples.adoc[leveloffset=+1]
ifdef::openshift-rosa-hcp[]
include::modules/rosa-cli-hcp-examples.adoc[leveloffset=+1]
endif::openshift-rosa-hcp[]
ifdef::openshift-rosa[]
include::modules/rosa-cli-classic-examples.adoc[leveloffset=+1]
endif::openshift-rosa[]
include::modules/rosa-cli-no-permissions-required.adoc[leveloffset=+1]
[role="_additional-resources"]
[id="additional-resources_min-permissions-required"]
== Additional resources
* For more information about AWS roles, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html[IAM roles].
* For more information about AWS policies and permissions, see link:https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html[Policies and permissions in IAM].
View Git Blame Copy Permalink