mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
45 lines
1.2 KiB
Plaintext
45 lines
1.2 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * rosa_install_access_delete_clusters/rosa-sts-accessing-cluster.adoc
|
|
// * using-rbac.adoc
|
|
|
|
|
|
:_mod-docs-content-type: PROCEDURE
|
|
[id="rosa-create-dedicated-cluster-admins_{context}"]
|
|
= Granting `dedicated-admin` access
|
|
Only the user who created the cluster can grant cluster access to other `cluster-admin` or `dedicated-admin` users. Users with `dedicated-admin` access have fewer privileges. As a best practice, grant `dedicated-admin` access to most of your administrators.
|
|
|
|
.Prerequisites
|
|
|
|
* You have added an identity provider (IDP) to your cluster.
|
|
* You have the IDP user name for the user you are creating.
|
|
* You are logged in to the cluster.
|
|
|
|
.Procedure
|
|
|
|
. Enter the following command to promote your user to a `dedicated-admin`:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ rosa grant user dedicated-admin --user=<idp_user_name> --cluster=<cluster_name>
|
|
----
|
|
+
|
|
. Enter the following command to verify that your user now has `dedicated-admin` access:
|
|
+
|
|
[source,terminal]
|
|
----
|
|
$ oc get groups dedicated-admins
|
|
----
|
|
+
|
|
.Example output
|
|
[source,terminal]
|
|
----
|
|
NAME USERS
|
|
dedicated-admins rh-rosa-test-user
|
|
----
|
|
+
|
|
[NOTE]
|
|
====
|
|
A `Forbidden` error displays if user without `dedicated-admin` privileges runs this command.
|
|
====
|