Role and Member Management In Your DevOps project
This guide demonstrates how to manage roles and members in your DevOps project.
In DevOps project scope, you can grant the following resources' permissions to a role:
- DevOps Settings
- Access Control
At least one DevOps project has been created, such as
demo-devops. Besides, you need an account of the
admin role (for example,
devops-admin) at the DevOps project level.
In Project Roles, there are three available built-in roles as shown below. Built-in roles are created automatically by KubeSphere when a DevOps project is created and they cannot be edited or deleted.
|viewer||The viewer who can view all resources in the DevOps project.|
|operator||The normal member in a DevOps project who can create pipelines and credentials in the DevOps project.|
|admin||The administrator in the DevOps project who can perform any action on any resource. It gives full control over all resources in the DevOps project.|
Create a DevOps Project Role
Log in to the console as
devops-adminand select a DevOps project (for example,
demo-devops) under DevOps Projects list.
devops-adminis used as an example. As long as the account you are using is granted a role including the authorization of Project Members View, Project Roles Management and Project Roles View in Access Control at DevOps project level, it can create a DevOps project role.
Go to Project Roles in Project Management, click Create and set a Role Identifier. In this example, a role named
pipeline-creatorwill be created. Click Edit Authorization to continue.
In Pipelines Management, select the authorization that you want this role to contain. For example, Pipelines Management and Pipelines View are selected for this role. Click OK to finish.
NoteDepend on means the major authorization (the one listed after Depend on) needs to be selected first so that the affiliated authorization can be assigned.
Newly-created roles will be listed in Project Roles. You can click the three dots on the right to edit it.
NoteThe role of
pipeline-creatoris only granted Pipelines Management and Pipelines View, which may not satisfy your need. This example is only for demonstration purpose. You can create customized roles based on your needs.
Invite a New Member
In Project Management, select Project Members and click Invite Member.
Invite a user to the DevOps project. Grant the role of
pipeline-creatorto the user.
NoteThe user must be invited to the DevOps project’s workspace first.
After you add a user to the DevOps project, click OK. In Project Members, you can see the newly invited member listed.
You can also change the role of an existing member by editing it or remove it from the DevOps project.