Kubernetes Cluster: Access Control
Kubernetes manages access to the cluster via RBAC (Role-Based Access Control). By default, you have a token that belongs to a ServiceAccount with the cluster-admin role.
If you need to share access to the Kubernetes cluster with other users, it is recommended to create separate ServiceAccounts with the required Roles and RoleBindings. Such a flow helps to manage allowed actions manually (e.g. to create namespaces, deployments, services, ingresses, etc).
Kubernetes RBAC system is not aligned with Jelastic accounts. Any user with SSH access to the master node can utilize the pre-configured kubectl
tool with its cluster-admin
role. Due to this specific, environment sharing
over Jelastic PaaS functionality may expose sensitive information.