Role-based access control (RBAC) manages access to a computer or to the network resources based on the roles of individual users in your organization.
You can automate the process of creating a role by using scripts.
RBAC API Objects
The Commvault software uses the ClusterRole, ClusterRoleBinding, and ServiceAccount objects to access the Kubernetes resources.
For information about RBAC API objects, go to Using RBAC Authorization on the Kubernetes website. For information about service accounts, go to Configure Service Accounts for Pods on the Kubernetes website.
RBAC Authorization for Kubernetes Backups and Restores
Kubernetes backup, restore, and browse operations require a service account that has authorization to the resources that you want to protect.
In general, a service account that uses the cluster-admin ClusterRole is restricted in organizations. You must create a service account that has the required authorizations to protect Kubernetes applications using the Commvault software.
Permissions for Resources and Sub-Resources
|
Resources and sub-resources |
Permissions |
|---|---|
|
|
|
|
All resources obtained by the |
|