Overview of Time-bound Access to Clusters, Environments and Namespaces
By default, you will not have privileges to access resources in the cluster, namespace, or appenv (Application Environment). Request short-term access as needed. This access is time-bound, meaning you'll automatically lose access after the specified period, usually an hour, enhancing overall security. Time-bound access applies to both Wayfinder's CLI and Wayfinder's User Interface.
You typically request time-bound access in scenarios where you want to access Wayfinder instance logs, pod/container logs, pod/container shell, or pod/container yaml.
Access to these are determined by both your user type and the assigned access policy as follows:
- Wayfinder's instance logs: Administrators only
- Pod / container logs: Any user who has an access policy permitting the use of a role which gives them access to the pod (such as 'namespace.view' or 'namespace.troubleshooting')
- Pod / container shell: Any user who has an access policy permitting the use of a role which gives them access to pod exec (such as 'namespace.troubleshooting')
- Pod / container yaml: Any user who has an access policy permitting the use of a role which gives them read access to the pod (such as 'namespace.troubleshooting')
In the CLI, you can specifically request access to clusters, namespaces, or appenvs.
In the Web Interface, you request access to namespaces through the Cluster and Environment sections in the UI.
What comes next?
Learn how to gain time-bound, short-term access to: