Skip to main content

Access Policy Settings

< scope | access policy create workflow

Access Policy Create Policy

Terminology

  • User access policies: Allows a user to directly access a cluster, such as by using the command:
    wf access cluster.
  • Access Token policies: Allows a user to assign cluster access to an access token, such as by using the command:
    wf assign accessrole.
  • Roles: Defines a set of permissions for a user or system access token to perform actions in a Wayfinder-managed Kubernetes cluster.
  • Groups: The groups of users that this access policy applies to. Users in these groups are able to access the clusters using the roles specified.
  • Session duration limit: Limits the maximum duration permitted for a single user access session to a cluster under this policy.

📚 For more details on key points, refer to the overview section.
📚 Explore the properties section for additional information on each UI property.


CLI Instructions

Follow the instructions in the details section.



Web Interface Instructions

Steps

  • Fill in the policy details as outlined in the properties section.
  • Click Continue to proceed

Screenshot(s)

Create access policy - Policy Section


Properties

FieldDescription
Subject TypeThe subject type to which the policy applies.
Option(s):
- User: User access policies allow a user to directly access a cluster, such as by using the command wf access cluster.
- Access Token: Access token policies allow a user to assign cluster access to an access token, such as by using the commandwf assign accessrole.
RolesThe role(s) this policy permits access to. Specify at least one. A role defines a set of permissions for a user or system access token to perform actions in a Wayfinder-managed Kubernetes cluster.
GroupsThe group(s) this policy permits access to. Specify at least one. The groups of users that this access policy applies to. Users in these groups are able to access the clusters using the roles specified.
Session duration limitOnly applicable to the user subject type. Limits the maximum duration permitted for a single user access session to a cluster under this policy.
Format: hhmmss


What comes next?