Revoke Access
Administrators and Workspace Owners can view/revoke the access of users and access tokens at any time.
This article outlines instructions for user sessions using Wayfinder's Web Interface or CLI.
CLI Instructions
To view or revoke live sessions
-
List all live sessions in your workspace:
wf sessions --all
NAME ROLE CLUSTER NAMESPACE USER EXPIRES AT AGE
namespace.admin.aks-opdar.azure-demo-app-test-env5.name.tahh9dx namespace.admin aks-opdar azure-demo-app-test-env5 name@appvia.io 2023-04-20T17:11:13Z 93m
-
To revoke access, find the username whose access you want to revoke in the
USER
column, and then delete the session using the value in theNAME
column:wf sessions NAME --revoke
The session name is the assumption policy associated with that user's assumed role session.
Web Interface Instructions
To view or revoke live sessions in Wayfinder's web interface
-
Select Workspaces > Your-Workspace-Name, then navigate to Settings and select the Live access sessions tab
This page shows all live sessions on all clouds for your workspace, including:
- Session name
- Subject - the username of the user who has access in this session
- Role - the role this user has assumed
- Cluster/Namespace - the cluster and namespace being accessed
- Expires - the amount of time left on this session to access the cluster
- Session status
-
To revoke access, find the username whose access you want to revoke, and then click the Revoke access button for that username.
Screenshot(s)
- View live sessions
- Revoke a live sessions