Security Access Bindings
SecurityAccessBindings
is an assignment of roles to a set of users or
teams to access resources under a Security group. The user or team
information is obtained from an LDAP server that should have been
configured as part of Service Bridge installation. Note that a
SecurityRoleBinding
can be created or modified only by users who
have set_rbac
permission on the Security group.
The following example assigns the security-admin
role to users
alice
, bob
, and members of the security-ops
team for
the security group g1
under workspace w1
owned by the tenant
mycompany
.
apiVersion: rbac.tsb.tetrate.io/v2
kind: SecurityAccessBindings
metadata:
organization: myorg
tenant: mycompany
workspace: w1
group: g1
spec:
allow:
- role: rbac/security-admin
subjects:
- user: alice
- user: bob
- team: security-ops
SecurityAccessBindings
SecurityAccessBindings
assigns permissions to users of security groups.
Field | Description | Validation Rule |
allow | List of tetrateio.api.tsb.rbac.v2.Binding | – |