Istio Internal Access Bindings
DEPRECATED: use Access Bindings instead.
IstioInternalAccessBindings is an assignment of roles to a set of users or
teams to access resources under a Istio internal group. The user or team
information is obtained from an LDAP server that should have been
configured as part of Service Bridge installation. Note that a
IstioInternalAccessBinding can be created or modified only by users who
have SET_POLICY permission on the Istio internal group.
The following example assigns the istiointernal-admin role to users
alice, bob, and members of the istiointernal-ops team for
istio internal group g1 under workspace w1 owned by the tenant
mycompany. Use fully-qualified name (fqn) when specifying user and team
apiVersion: rbac.tsb.tetrate.io/v2
kind: IstioInternalAccessBindings
metadata:
organization: myorg
tenant: mycompany
workspace: w1
group: g1
spec:
allow:
- role: rbac/istiointernal-admin
subjects:
- user: organization/myorg/users/alice
- user: organization/myorg/users/bob
- team: organization/myorg/teams/istiointernal-ops
IstioInternalAccessBindings
IstioInternalAccessBindings assigns permissions to users of istio internal groups.
| Field | Description | Validation Rule |
|---|---|---|
|
allow |
List of tetrateio.api.tsb.rbac.v2.Binding |
– |