Role Binding

Role Binding defines the binding relationship between role bindings and service accounts.

Role binding defines the binding relationship between role and service account, thus controlling the operation rights of the service account. Role binding for multi-cluster resources supports binding to a cluster and batch creation of the same role binding in a cluster.

Entry: In the cloud management platform click the top left corner of navigation menu, and click “Containers/Multi-Cluster Resources/Role Binding” menu item in the left menu bar that pops up to enter the role binding page.

Create role binding

This function is used to create a new multicluster role binding. Before creating a new multicluster role binding, please create the multicluster namespace, role, and cluster role first.

On the role binding page, click the “Create” button at the top of the list to enter the new role binding page.
Set the following parameters.
- Name: Set the name of the role binding.
- Namespace: Select the namespace to which the role binding belongs.
- Role type: Select the role or cluster role.
- Role/cluster role: Select a specific role or cluster role.
- Subject: Select the type of service account to be bound, including User, Group.
- Subject Name: Set the specific user, group.
Click the “OK” button to complete the operation.

Delete Role Binding

This function is used to delete role bindings. When the role binding has been bound to a cluster, it cannot be deleted.

Individual Deletion

On the role binding page, click the “Delete” button in the right action column of the role binding to bring up the action confirmation dialog.
Click the “OK” button to complete the operation.

Batch Delete

Select one or more role bindings in the list, and click the “Delete” button at the top of the list to bring up the operation confirmation dialog.
Click the “OK” button to complete the operation.

View Role Binding Details

This function is used to view the details of role binding.

On the Role Binding page, click the Role Binding Name item to enter the Role Binding Details page.
View the following information: Cloud ID, ID, name, domain, project, status, roleref, subjects, created at, updated at, and description.

Bound Cluster Resource Management

This function is used to associate role bindings to or unbind from a cluster.

Bound to cluster

This function is used to associate a role binding to a cluster and create a corresponding role binding on the corresponding cluster.

On the Role Binding page, click the role binding name item to enter the role binding details page.
Click the Bound Cluster Resources tab to enter the Bound Resources page.
Click the “Bind to Cluster” button to bring up the Bind to Cluster dialog box.
Select the cluster and click the “OK” button to complete the operation.

Unbind

This function is used to unbind multi-cluster role bindings from the cluster. Currently, after unbinding, the cluster will not delete the corresponding role bindings.

Description

If there is already a role binding with the same name in the bound cluster, it will overwrite the existing role binding.

On the role binding page, click the role binding name item to enter the role binding details page.
Click the Bound Cluster Resources tab to enter the Bound Resources page.
Click the “Unbind” button on the right action bar of the cluster to bring up the action confirmation dialog.
Click “OK” button to complete the operation.

View Operation Log

This function is used to view the operation logs related to multicluster role binding.

On the Role Binding page, click the role binding name item to enter the role binding details page.
Click the Operation Log tab to enter the Operation Log page.
- Load More Logs: In the Operation Logs page, the list shows 20 operation logs by default. To view more operation logs, please click the “Load More” button to get more logs.
- View Log Details: Click the “View” button on the right column of the operation log to view the log details. Copy details are supported.
- View logs of specified time period: If you want to view the operation logs of a certain time period, set the specific date in the start date and end date at the top right of the list to query the log information of the specified time period.
- Export logs: Currently, only the logs displayed on this page are supported to be exported. Click the upper-right corner of icon, set the export data column in the pop-up export data dialog, and click the “OK” button to export the logs.