IAMRole resource

IAMRole is the read-only cluster-level object that can have global, namespace, or cluster scope. It contains the following fields:

• apiVersion

  API version of the object that is iam.mirantis.com/v1alpha1.

• kind

  Object type that is IAMRole.

• metadata

  Object metadata that contains the following field:

  • name

    Role name. Possible values are: global-admin, cluster-admin, operator, bm-pool-operator, user, member, stacklight-admin, management-admin.

    For details on user role assignment, see Manage user roles through Container Cloud API.

    Note

    The management-admin role is available since Container Cloud 2.25.0 (Cluster releases 17.0.0, 16.0.0, 14.1.0).

• description

  Role description.

• scope

  Role scope.

Configuration example:

apiVersion: iam.mirantis.com/v1alpha1
kind: IAMRole
metadata:
  name: global-admin
description: Gives permission to manage IAM role bindings in the Container Cloud deployment.
scope: global