原创-argocd添加用户,修改密码,修改权限

 

加用户步骤:
修改argocd-cm,添加data
data:
accounts.linyanzhi: login     /添加linyanzhi登录账号

# disables user. User is enabled by default

accounts.linyanzhi.enabled: "enable"    /启用linyanzhi账号

 

 

修改密码:
argocd account update-password --account linyanzhi --current-password argocd-server-ABCDEFG --new-password linyanzhi123

 

 

用户权限控制:修改cm下的argocd-rbac-cm

data:
policy.csv: |
p, linyanzhi, *, *, lixian/*, allow   -----p是policy,用户名,要使用的资源,要使用的方法,项目,allow或deny
#policy.default: role:readonly     -----默认策略
scopes: '[accounts]'

线上例子参考:

data:
policy.csv: |
p, hub, applications, get, lixian/*, deny
p, hub_viewer, applications, get, */*, allow
p, hub_admin, *, *, */*, allow
p, hub_admin, projects, *, *, allow
p, lixian_admin, applications, *, lixian/*, allow
p, lixian_admin, certificates, *, *, allow
p, lixian_admin, clusters, *, *, allow
p, lixian_admin, repositories, *, *, allow
p, lixian_admin, projects, *, lixian, allow
p, lixian_admin, accounts, *, *, allow
p, lixian_admin, gpgkeys, get, *, allow
p, lixian_readonly, applications, get, lixian/*, allow

参考文档:

用户管理:https://argoproj.github.io/argo-cd/operator-manual/user-management/

RBAC控制:https://argoproj.github.io/argo-cd/operator-manual/rbac/

posted @ 2021-01-26 15:27  Normanlin  阅读(3771)  评论(0编辑  收藏  举报