Updated on 2025-06-13 GMT+08:00

Permissions

CCE permissions management allows you to assign permissions to Identity and Access Management (IAM) users and user groups under your tenant accounts. CCE combines the advantages of IAM and Kubernetes RBAC authorization to provide a variety of authorization methods, including IAM fine-grained authorization, IAM token authorization, cluster-scoped authorization, and namespace-wide authorization.

Figure 1 Illustration of CCE permissions

CCE Permissions Management

In general, you can configure CCE permissions in two scenarios. The first is creating and managing clusters and related resources, such as nodes. The second is using Kubernetes resources in the cluster, such as workloads and Services.
  • Cluster-level permissions (IAM permissions): Based on the system-defined policies of IAM, they allow you to manage CCE clusters and associated resources like VPC, ELB, and ECS.
  • Namespace-level permissions (RBAC permissions): Based on Kubernetes RBAC, they allow different users or user groups to perform operations on different Kubernetes resources.
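
The namespace-level (RBAC) layer described above, shown as an added example that is not taken from the CCE documentation: a Role and RoleBinding that give one user group read-only access to workloads and Services in a single namespace. The namespace `dev`, the object names, and the group placeholder are assumptions.

```yaml
# Added example (constructed): least-privilege, namespace-scoped access.
# A Role is confined to one namespace, so this grant does not extend to
# other namespaces or to cluster-scoped resources such as nodes.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: workload-viewer          # hypothetical name
  namespace: dev                 # hypothetical namespace
rules:
  # Workload controllers live in the "apps" API group.
  - apiGroups: ["apps"]
    resources: ["deployments", "statefulsets", "daemonsets"]
    verbs: ["get", "list", "watch"]
  # Pods and Services live in the core ("") API group.
  - apiGroups: [""]
    resources: ["pods", "services"]
    verbs: ["get", "list", "watch"]
  # Deliberately omitted: secrets, pods/exec, and any write verbs
  # (create, update, patch, delete).
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: workload-viewer-binding  # hypothetical name
  namespace: dev
subjects:
  - kind: Group
    # Placeholder: the subject name under which the cluster sees the
    # user group. The page does not state how this is derived.
    name: "<group-identifier>"
    apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: Role
  name: workload-viewer
  apiGroup: rbac.authorization.k8s.io
```

To check the result, a member of the bound group can run `kubectl auth can-i list deployments -n dev` (expected `yes`) and `kubectl auth can-i delete deployments -n dev` (expected `no`).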