Create Project Roles

This section explains how to create a project role.

Prerequisites

You should join a project and have the Role Management permission within the project. For more information, refer to “Project Members” and “Project Roles”.

Steps

  1. Log in to the KubeSphere web console with a user who has the Role Management permission, and access your project.

  2. Click Project Settings > Project Roles in the left navigation pane.

  3. Click Create on the page.

  4. In the Create Role dialog, set the name, alias, and description of the project role, then click Edit Permissions.

    ParameterDescription

    Name

    The name of the project role. The name can only contain lowercase letters, numbers, and hyphens (-), must start and end with a lowercase letter or number, and can be up to 63 characters long.

    Alias

    The alias of the project role. The aliases of different project roles can be the same. The alias can only contain Chinese characters, letters, numbers, and hyphens (-), cannot start or end with a hyphen (-), and can be up to 63 characters long.

    Description

    The description of the project role. The description can contain any characters and is up to 256 characters long.

  5. In the Edit Permissions dialog, set the permissions for the project role, then click OK.

    • Storage

      PermissionOperations Allowed

      PVC Management

      Create Persistent Volume Claims, clone Persistent Volumes, expand Persistent Volumes, edit Persistent Volume Claim information, delete Persistent Volume Claims.

      PVC Viewing

      View Persistent Volume Claim lists, view Persistent Volume Claim details.

    • Configuration

      PermissionOperations Allowed

      ConfigMap Management

      Create ConfigMaps, edit ConfigMap information, edit ConfigMap settings, delete ConfigMaps.

      View ConfigMaps

      View ConfigMap lists, view ConfigMap details.

      Secret Management

      Create Secrets, edit Secret information, edit Secret settings, delete Secrets.

      View Secrets

      View Secret lists, view Secret details.

      Service Account Management

      Create service accounts, edit service account information, change service account roles, delete service accounts.

      View Service Accounts

      View service account lists, view service account details.

    • Application Workloads

      PermissionOperations Allowed

      Application Workload Management

      Manage resources such as applications, services, workloads, and jobs in the project.

      Application Workload Viewing

      View resources such as applications, services, workloads, and jobs in the project.

    • Applications

      PermissionOperations Allowed

      Application Instance Management

      Install applications from application templates, install applications from the App Store, delete applications.

      View Application Instances

      View application lists, view details of template-based applications.

    • Access Control

      PermissionOperations Allowed

      Role Viewing

      View project role lists, view project role details.

      Member Viewing

      View project member lists.