🚀 KubeSphere 3.1.1 is now available as it extends Kubernetes from the cloud to the edge. Read the introduction for 3.1.x → close
  • English
    • English
    • 简体中文
    1. 1.Experience account: demo1 / Demo123
    2. 2.This account is only allowed to view parts of UI
    3. 3.It's recommended that install KubeSphere in your environment
  •  Star
  1. Documentation / 
  2. DevOps User Guide / 
  3. Understand and Manage DevOps Projects / 
  4. Role and Member Management

DevOps User Guide

Last updated:
    Edit

    Role and Member Management In Your DevOps project

    This guide demonstrates how to manage roles and members in your DevOps project.

    In DevOps project scope, you can grant the following resources’ permissions to a role:

    • Pipelines
    • Credentials
    • DevOps Settings
    • Access Control

    Prerequisites

    At least one DevOps project has been created, such as demo-devops. Besides, you need an account of the admin role (for example, devops-admin) at the DevOps project level.

    Built-in Roles

    In Project Roles, there are three available built-in roles as shown below. Built-in roles are created automatically by KubeSphere when a DevOps project is created and they cannot be edited or deleted.

    Built-in Roles Description
    viewer The viewer who can view all resources in the DevOps project.
    operator The normal member in a DevOps project who can create pipelines and credentials in the DevOps project.
    admin The administrator in the DevOps project who can perform any action on any resource. It gives full control over all resources in the DevOps project.

    Create a DevOps Project Role

    1. Log in to the console as devops-admin and select a DevOps project (for example, demo-devops) on the DevOps Projects page.

      Note

      The account devops-admin is used as an example. As long as the account you are using is granted a role including the permissions of Project Member Viewing, Project Role Management and Project Role Viewing in Access Control at DevOps project level, it can create a DevOps project role.

    2. Go to Project Roles in Project Management, click Create and set a Name. In this example, a role named pipeline-creator will be created. Click Edit Permissions to continue.

      devops_role_step1

    3. In Pipeline Management, select the permissions that you want this role to contain. For example, Pipeline Management and Pipeline Viewing are selected for this role. Click OK to finish.

      devops_role_step2

      Note

      Depends on means the major permission (the one listed after Depends on) needs to be selected first so that the affiliated permission can be assigned.

    4. Newly created roles will be listed in Project Roles. You can click on the right to edit it.

      devops_role_list

      Note

      The role of pipeline-creator is only granted Pipeline Management and Pipeline Viewing, which may not satisfy your need. This example is only for demonstration purpose. You can create customized roles based on your needs.

    Invite a New Member

    1. In Project Management, select Project Members and click Invite Member.

    2. Click to invite an account to the DevOps project. Grant the role of pipeline-creator to the account.

      devops_invite_member

      Note

      The user must be invited to the DevOps project’s workspace first.

    3. After you add a user to the DevOps project, click OK. In Project Members, you can see the newly invited member listed.

    4. You can also change the role of an existing member by editing it or remove it from the DevOps project.

      devops_user_edit


    Thanks for the feedback. If you have a specific question about how to use KubeSphere, ask it on Slack. Open an issue in the GitHub repo if you want to report a problem or suggest an improvement.

    Previous : DevOps Project Management
    What’s on this Page