All Documents

Current Document

Recommend

Container Engine Virtual Private Cloud Standard Storage Service

Content is empty

If you don't find the content you expect, please try another search term

Container Engine (KCE)

View more results

Document title with current keyword not found

Directory

Expand AllFold All Up

Networking
Security

Storage&CDN
Database
Legal
- Legal
ActionTrail
- ActionTrail
- Kingsoft Cloud International Business

Video Services
Data Analysis
- MapReduce (KMR)
- Kingsoft Cloud Log Service
Account Management
- Identity and Access Management
- Account Management

No products found with this keyword

Documentation

Container Engine (KCE)

User Guide

RBAC management

Upgrade to the RBAC mode

Upgrade to the RBAC mode

Last updated：2021-09-29 22:05:17

Kingsoft Cloud Container Engine (KCE) supports the basic and role-based access control (RBAC) authorization modes. The RBAC mode allows you to manage the permissions on the Kubernetes resources of clusters in a more fine-grained manner. If you want to upgrade the authorization mode of a cluster from basic to RBAC, perform the following operations with your Kingsoft Cloud account:

Log in to the KCE console.
In the left navigation pane, click Authorization Management.
Click Upgrade to RBAC Mode. In the dialog box that appears, click OK.

Upgrade notes

To ensure the compatibility with the basic authorization mode, the RBAC mode reserves the cluster-admin permissions for the Identity and Access Management (IAM) users of your clusters.
After the upgrade, you must revoke permissions from the IAM users of your clusters as required.

Note

During the upgrade of the authorization mode, the ClusterRoleBinding object is written to all your clusters. If one of the clusters is inaccessible, the upgrade fails. In this case, you cannot grant permissions in RBAC mode.

After you upgrade to the RBAC mode, you cannot roll back to the basic authorization mode.

After the RBAC mode is enabled, you can revoke permissions from or modify the permissions of your IAM users as required. For more information, seeManage the RBAC permissions of IAM users

On this page

Previous:Manage the RBAC permissions of IAM users

Next:User Guide on KSK

Pure ModeNormal Mode

Pure Mode

Click to preview the document content in full screen

Feedback