Version: 0.7

kore assign plan

kore assign plan#

Assigns a plan to one more subjects in the team


Assignment permits team members to assign a security policy to one more more managed identites in Kore. A common example would be to create a robot account and then assign a deployment plan to robot account to permit deploying an application into the cluster. Though you can technically assign policies to users directly, it's advisable to use role assumption rather than statically assigned policies (see kore assume --help)

Note, assigements to policies is granted to team members via the team administrator, the possess the rights to construct constaints as to who can 'use' attach a policy to the subject and any requirements which must be followed.

kore assign plan [flags]


# Create a robot token and assign a policy to permit deployment to clusterA
$ kore create robot ci
$ kore assign plan nsadmin --robot ci --cluster <cluster> --namespace <namespace>
# View the assignements which you can make
$ kore get assignments
# View all the plans and roles which are available (use -o yaml) to view policy.
$ kore get policyplans --all


--cluster string sets the cluster name of a plan parameter
--dry-run shows the resource but does not apply or create (defaults: false)
--group strings one or more teams to apply
-h, --help help for plan
--namespace string sets the namespace name of a plan parameter
--robot strings one or more robots accounts
--role strings one or more team roles to apply the plan
--scope strings one or more subject scopes to apply the plan
--subject strings one or more subjects to apply

Options inherited from parent commands#

--debug indicates we should use debug / trace logging (defaults: false)
--force is used to force an operation to happen (defaults: false)
--no-wait indicates if we should wait for resources to provision
-o, --output string the output format of the resource (json,yaml,table,template) (default "table")
--profile string allows you to explicitly set the selected profile
--show-headers indicates we should display headers on table out (default true)
-t, --team string the team you are operating within
--verbose enables verbose logging for debugging purposes (defaults: false)


  • kore assign - Assigns allows you to apply a policy, plan or compliance package