Create Project Roles
This section explains how to create a project role.
Prerequisites
You should join a project and have the Role Management permission within the project. For more information, refer to “Project Members” and “Project Roles”.
Steps
Log in to the KubeSphere web console with a user who has the Role Management permission, and access your project.
Click Project Settings > Project Roles in the left navigation pane.
Click Create on the page.
In the Create Role dialog, set the name, alias, and description of the project role, then click Edit Permissions.
Parameter Description Name
The name of the project role. The name can only contain lowercase letters, numbers, and hyphens (-), must start and end with a lowercase letter or number, and can be up to 63 characters long.
Alias
The alias of the project role. The aliases of different project roles can be the same. The alias can only contain Chinese characters, letters, numbers, and hyphens (-), cannot start or end with a hyphen (-), and can be up to 63 characters long.
Description
The description of the project role. The description can contain any characters and is up to 256 characters long.
In the Edit Permissions dialog, set the permissions for the project role, then click OK.
Storage
Permission Operations Allowed PVC Management
Create Persistent Volume Claims, clone Persistent Volumes, expand Persistent Volumes, edit Persistent Volume Claim information, delete Persistent Volume Claims.
PVC Viewing
View Persistent Volume Claim lists, view Persistent Volume Claim details.
Configuration
Permission Operations Allowed ConfigMap Management
Create ConfigMaps, edit ConfigMap information, edit ConfigMap settings, delete ConfigMaps.
View ConfigMaps
View ConfigMap lists, view ConfigMap details.
Secret Management
Create Secrets, edit Secret information, edit Secret settings, delete Secrets.
View Secrets
View Secret lists, view Secret details.
Service Account Management
Create service accounts, edit service account information, change service account roles, delete service accounts.
View Service Accounts
View service account lists, view service account details.
Application Workloads
Permission Operations Allowed Application Workload Management
Manage resources such as applications, services, workloads, and jobs in the project.
Application Workload Viewing
View resources such as applications, services, workloads, and jobs in the project.
Applications
Permission Operations Allowed Application Instance Management
Install applications from application templates, install applications from the App Store, delete applications.
View Application Instances
View application lists, view details of template-based applications.
Access Control
Permission Operations Allowed Role Viewing
View project role lists, view project role details.
Member Viewing
View project member lists.