You can see which users currently have permissions to access clusters by looking at the Live sessions page in the Wayfinder UI. A live session starts when a user has requested access permissions by running either of these commands:
View live sessions
To view live sessions: CLI
$ wf sessions --all
To view live sessions: UI
In the Wayfinder UI, navigate to Access policy > Live sessions.
By default, this page shows all live sessions on all clouds for your workspace, including:
- Session name
- Subject - the username of the user who has access in this session
- Role - the role this user has assumed
- Cluster/Namespace - the cluster and namespace being accessed
- Expires - the amount of time left on this session to access the cluster
- Session status
To filter the sessions displayed, you can:
- Select a specific cloud provider at the top, for example, GKE.
- Use the fields in Filter results to select subject/user, role, cluster, or namespace, and then click Apply.
Revoke access during a live session
If you're a workspace administrator, you can revoke access to a cluster during a live session.
To revoke access: CLI
- List the sessions:
- Delete the policy associated with the session (Name column):
wf delete policy NAME
To revoke access: UI
Identify the live session for which you want to revoke access.
See View live sessions above.
Click Revoke access for the session you identified, and then confirm.
This immediately revokes the access granted in this session.