Skip to content
Permission Manager is a project that brings sanity to Kubernetes RBAC and Users management, Web UI FTW
JavaScript Go HTML Makefile Other
Branch: master
Clone or download
angelbarrera92 Merge pull request #2 from craigbox/patch-1
Offer a generic name as the placeholder/example
Latest commit 9d39cc8 Jan 27, 2020
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
cmd config test Jan 16, 2020
docs Fix typo Jan 25, 2020
e2e-test docs Jan 17, 2020
internal documentation 📝 Jan 17, 2020
k8s OSS Jan 25, 2020
statik remove double imports Jan 25, 2020
web-client Offer a generic name as the placeholder/example Jan 27, 2020
.dockerignore
.gitignore docs Jan 17, 2020
Dockerfile config refactoring Dec 20, 2019
LICENSE.md Updating License date/year Jan 25, 2020
Makefile add gif Jan 25, 2020
README.md Fixed readme typo (#1) Jan 27, 2020
go.mod config refactoring Dec 20, 2019
go.sum remove self dependency Dec 20, 2019

README.md

Permission manager

flow

Welcome to the Permission Manager! 🎉 🎉

Permission Manager is an application developed by SIGHUP that enables a super-easy and user-friendly RBAC management for Kubernetes. If you are looking for a simple and intuitive way of managing your users within a Kubernetes cluster, this is the right place.

With Permission Manager, you can create users, assign namespaces/permissions, and distribute Kubeconfig YAML files via a nice&easy web UI.

Screenshots

First Page

First Page

Creating a user

Creating a user

Creating a user - Summary

Create user Sumary

  • User's Kubeconfig*

User's Kubeconfig

Installation

To deploy and run the Permission Manager on your cluster, follow the installation guide

Development Setup

We love contributions from the community ❤️.
Learn how-to-contribute

FAQ

How it works

The application allows us to define and select permission standard templates (those defining who can do what, within a namespace or globally) and associate them with all the users you might want to create.

The template system is an abstraction over Cluster-Roles, RoleBinding, and ClusterRolesBindigs.

Do we plan to use CRDs and custom labels? Sure, it's in the product roadmap.

What is a template

A template is a ClusterRole with a prefix

template-namespaced-resources___

for example template-namespaced-resources___developer

Why a template is not a CRD

When we started the development of this project, a template was one-to-one to a clusterrole, the usage of a CRD looked overkill. This will obviouosly change in future to avoid polluting clusterroles and will allow us to have a more precise incapsulation of what is owned by the permission manager.

How to add a new template

Create a clusterrole starting with template-namespaced-resources___ and apply it.

Default templates

developer and operation default templates can be created by applying the manifest located at k8s/k8s-seeds/seed.yml

kubectl apply -f k8s/k8s-seeds

What is a user

A user is a custom resource of kind permissionmanagerusers.permissionmanager.user

Commercial & Enterprise Support

Are you using Permission Manager in your clusters and looking for commercial support? Let us know and get in touch

You can’t perform that action at this time.