Skip to main content

Default Cluster Access Controls

< evaluation | default cluster access controls

What default Access Controls does Wayfinder provide?

Wayfinder includes a default set of access policies, roles, and groups to control and manage access to clusters, namespaces, and secrets. For more information, see Managing User Access.


There are two kinds of access policies:

  • Global access policies: Wayfinder comes with default global access policies, and a Wayfinder admin can create more global policies.
    • Global policies are at the platform level and available as read-only in all workspaces. These cannot be edited, disabled, or deleted at the workspace level.
    • Wayfinder admins can disable or delete any policy they create.
    • Wayfinder admins cannot delete default policies, but can disable them.
  • Workspace access policies: All global access policies are available in workspaces as read-only. Workspace admins can also create their own access policies, specific to their workspace only.

What comes next?