Access the Keycloak Admin Console¶
Using the Keycloak Admin Console you can:
Grant or revoke roles to or from a user. The Keycloak administrator is responsible for assigning roles to users depending on the level of access they need in Container Cloud
Use the following credentials to access the Keycloak Admin Console:
The console URL is outputted when the management cluster bootstrap completes. To obtain the URL:
kubectl get cluster <mgmtClusterName> -o=jsonpath='{.status.providerStatus.helm.releases.iam.keycloak.url}'
The user name is
keycloak
by default.The password is located in
passwords.yaml
generated during bootstrap.You can also obtain the password from the
iam-api-secrets
secret in thekaas
namespace of the management cluster and decode the content of thekeycloak_password
key:kubectl get secret iam-api-secrets -n kaas -o=jsonpath='{.data.keycloak_password}' | base64 -d