$ oc edit argocd [argocd-instance-name] -n [namespace]
By default, any type of user, except the kube:admin
user, logged into the default Argo CD instance does not have access to any services. But a user logged into a custom Argo CD instance is a read-only user by default.
In Red Hat OpenShift GitOps v1.9.0 or earlier versions, any type of user, except the |
To manage and modify the user level access, configure the role-based access control (RBAC) section in the Argo CD custom resource (CR).
Edit the argocd
CR:
$ oc edit argocd [argocd-instance-name] -n [namespace]
metadata
...
...
rbac:
policy: 'g, rbacsystem:cluster-admins, role:admin'
scopes: '[groups]'
Add the policy
configuration to the rbac
section and add the name
, email
and the role
of the user:
metadata
...
...
rbac:
policy: <name>, <email>, role:<admin>
scopes: '[groups]'
Currently, RHSSO cannot read the group information of Red Hat OpenShift GitOps users. Therefore, configure the RBAC at the user level. |