Contents x
      Configuring the Default Access Control Policy
      • 19 May 2024
      • 1 Minute to read
      • Contributors
      • Print
      • Dark
        Light
      Contents

      Configuring the Default Access Control Policy

      • Updated on 19 May 2024
      • 1 Minute to read
      • Contributors
      • Print
      • Dark
        Light
      Article summary

      The purpose of the default access control policy is to prevent an accidental denial of access to a cluster caused by an oversight or misconfiguration of access control policies. After you have configured access control policies that specifically grant the appropriate access to clusters, you should configure the default access control policy.

      You have the following options when considering how to configure the default access control policy:

      • You can configure the default policy to restrict access to clusters that do not match the policy conditions of higher-priority policies

      • You can configure the default policy to grant access to everyone for clusters that do not match the policy conditions of higher-priority policies

        Note: This is the default configuration, but you must determine if this is best for your environment.

      Prerequisite

      If you want to restrict access to clusters that use the default access control policy, you must ensure the appropriate Groups and Users exist in the account.

      Procedure

      1. Determine who should be able to access clusters that do not have an active user-defined (non-default) access control policy:

        • This might be everyone — the default configuration

        • This might be a specific group, such as an Administrators group

        • This might be a specific person, such as the RealTheory account administrator

      2. As a user with the following roles, navigate to Settings > Access Management > Access Control Policies:

        • sys_admin, or

        • all of: permissions_admin, group_admin, _and user_admin

      3. If no access control policies have been previously configured, you will see only the default access control policy, which will indicate who currently has access to clusters.

      4. If access control policies have been previously configured, each policy will be listed above the default access control policy in the order that they are processed and applied.

      5. To configure the default access control policy:

        1. Click Edit on the Default access control policy.
        2. Select who should have access to clusters that do not have an active user-defined access control policy:

          • Everyone in my organization

          • Selected groups and/or users

        3. If you selected Everyone in my organization, go to Step 5.e.
        4. If you selected Selected groups and/or users, click Add in the Groups with access and Users with access lists, and then select which groups and/or users should have access.
        5. Click Save.
      Was this article helpful?
      What's Next
      RealTheory logo
      • The Kubernetes Intelligence Platform
      Support
      Follow Us
      Copyright © RealTheory, Inc. All Rights Reserved