Configure role-based access control for Stork

Cluster administrators can allow certain users to perform Stork operations by creating and assigning custom roles for their users. Under the configuration described below, a Cluster administrator defines permissions in a user role which allows the user to perform Stork operations.

Modify a role

  1. As a Kubernetes cluster administrator, create a new Kubernetes role, or find an existing one you wish to modify.

  2. Modify the role, adding permissions for Stork resources to it:

    kind: Role
      namespace: default
      name: pod-reader
    - apiGroups: [""]
      resources: [ * ]
      verbs: ["get", "list", "create", "watch", "update", "delete"]
    - apiGroups: [""]
      resources: ["volumesnapshots", "volumesnapshotdatas", "volumesnapshotrestores", ]
      verbs:     ["get", "list", "create", "watch", "update", "delete"]

Last edited: Friday, Apr 10, 2020