All Documents
Current Document

Content is empty

If you don't find the content you expect, please try another search term


Upgrade to the RBAC mode

Last updated:2021-09-29 22:05:17

Kingsoft Cloud Container Engine (KCE) supports the basic and role-based access control (RBAC) authorization modes. The RBAC mode allows you to manage the permissions on the Kubernetes resources of clusters in a more fine-grained manner. If you want to upgrade the authorization mode of a cluster from basic to RBAC, perform the following operations with your Kingsoft Cloud account:

  1. Log in to the KCE console.
  2. In the left navigation pane, click Authorization Management.
  3. Click Upgrade to RBAC Mode. In the dialog box that appears, click OK.

Upgrade notes

  • To ensure the compatibility with the basic authorization mode, the RBAC mode reserves the cluster-admin permissions for the Identity and Access Management (IAM) users of your clusters.
  • After the upgrade, you must revoke permissions from the IAM users of your clusters as required.


    1. During the upgrade of the authorization mode, the ClusterRoleBinding object is written to all your clusters. If one of the clusters is inaccessible, the upgrade fails. In this case, you cannot grant permissions in RBAC mode.
    1. After you upgrade to the RBAC mode, you cannot roll back to the basic authorization mode.
    1. After the RBAC mode is enabled, you can revoke permissions from or modify the permissions of your IAM users as required. For more information, seeManage the RBAC permissions of IAM users
On this page
Pure ModeNormal Mode

Pure Mode

Click to preview the document content in full screen