Onboarding: ask for further privileges
Once you have been granted reader access to K8SAAS resources. you should be able to easily list items and identify the cluster service owner so that he can grant you further privileges.
List your resources
Go to the azure portal : https://portal.azure.com/ and sign in with your thales identity.
Than click on/tap on the search bar: "All resources".
You should see one or more:
- Kubernetes service
- Log Analytics Workspace
For example here is a screenshot for an account that have reader access on the cluster k8saas-teh-b21141-3-sandbox:
By default, you will have the reader role on these resources. The list of all actions possible by roles are described on our RBAC page
Get further privileges
Still with the Azure portal, select/search for "Azure Active Directory".
Then search for the Azure AD reader group:<CLUSTER-NAME>-k8saas-reader-cluster-role.
For example, for the cluster k8saas-teh-b21141-3-sandbox the Azure AD reader group is k8saas-teh-b21141-3-sandbox-k8saas-reader-cluster-role.
They should be one of your coworker that is both ion the member list and in the owner list: This person is the service owner of the cluster.
You should reach out to this person so they can grant you further rights on the cluster.
The management of access and permission for a cluster is handled as a self-service feature.
Please do not reach out to the K8SAAS Team directly to ask for further privileges, but reach out to the cluster's service owner.
Next Steps
- Learn more about the different roles: RBAC