Role and Member Management In Your Project

    In project scope, you can grant the following resources’ permissions to a role:

    • Application Workloads
    • Storage
    • Monitoring & Alerting
    • Project Settings
    • Access Control

    At least one project has been created, such as . Besides, you need an account of the admin role (e.g. project-admin) at the project level. See Create Workspaces, Projects, Accounts and Roles if it is not ready yet.

    In Project Roles, there are three available built-in roles as shown below. Built-in roles are created automatically by KubeSphere when a project is created and they cannot be edited or deleted. You can only view permissions and authorized user list.

    1. In Project Roles, click and you can see the role detail as shown below.

    2. You can switch to Authorized Users tab to see all the users that are granted an admin role.

    1. Log in to the console as project-admin and select a project (e.g. ) under Projects list.

      Note

    2. Select the authorization that you want this role to contain. For example, Application Workloads View in Application Workloads, and Alerting Messages View and Alerting Policies View in Monitoring & Alerting are selected for this role. Click OK to finish.

      Edit Authorization

      Note

      Depend on means the major authorization (the one listed after Depend on) needs to be selected first so that the affiliated authorization can be assigned.

    3. Newly-created roles will be listed in Project Roles. You can click the three dots on the right to edit it.

      The role of is only granted limited permissions in Monitoring & Alerting, which may not satisfy your need. This example is only for demonstration purpose. You can create customized roles based on your needs.

    1. In Project Settings, select Project Members and click Invite Member.

    2. Invite a user to the project. Grant the role of project-monitor to the user.

      invite member

      Note

      The user must be invited to the project’s workspace first.

    3. After you add a user to the project, click OK. In Project Members, you can see the newly invited member listed.

    4. You can also change the role of an existing member by editing it or remove it from the project.