You signed in with another tab or window.Reload to refresh your session.You signed out in another tab or window.Reload to refresh your session.You switched accounts on another tab or window.Reload to refresh your session.Dismiss alert
####The proper/secure way for Kubernetes Cluster 1.24+
355
355
356
-
For production environments you should create a service account and/or role for Codefresh access.
357
-
The minimum permissions Codefresh needs to work with the cluster are the following:
356
+
For production environments, create a service account and/or role for Codefresh access.
357
+
358
+
Codefresh needs these minimum permissions to work with the cluster:
358
359
359
360
`codefresh-role.yml`
360
361
{% highlight yaml %}
@@ -370,7 +371,7 @@ rules:
370
371
{% endraw %}
371
372
{% endhighlight %}
372
373
373
-
Note that these permissions will only allow Codefresh to read the cluster resources and populate the respective dashboards. You need to give more privileges for actual deployments. For more information see the[Kubernetes RBAC documentation page](https://kubernetes.io/docs/reference/access-authn-authz/rbac/).
374
+
Note that these permissions will only allow Codefresh to read the cluster resources and populate the respective dashboards. You need to give more privileges for actual deployments. For more information see the[Kubernetes RBAC documentation page](https://kubernetes.io/docs/reference/access-authn-authz/rbac/){:target="\_blank"}.
374
375
375
376
Here is an example with role + service account + binding.
376
377
@@ -417,16 +418,17 @@ metadata:
417
418
{% endraw %}
418
419
{% endhighlight %}
419
420
420
-
Select the appropriate cluster if you have more than one:
421
+
<br />
421
422
423
+
1. Select the appropriate cluster if you have more than one: