Restrict access to specific users and groups
You can determine which users and groups are allowed to access Che.
This page is for platform administrators who install, configure, and manage Che on Kubernetes clusters. To learn more about common roles and example tasks referenced in Che documentation, see Common user roles and tasks.
-
An active
kubectlsession with administrative permissions to the destination Kubernetes cluster. See Overview of kubectl.
-
Configure the
CheClusterCustom Resource. See Using the CLI to configure the CheCluster Custom Resource.spec: networking: auth: advancedAuthorization: allowUsers: - <allow_users> (1) allowGroups: - <allow_groups> (2) denyUsers: - <deny_users> (3) denyGroups: - <deny_groups> (4)1 List of users allowed to access Eclipse Che. 2 List of groups of users allowed to access Eclipse Che (for OpenShift Container Platform only). 3 List of users denied access to Eclipse Che. 4 List of groups of users denied to access Eclipse Che (for OpenShift Container Platform only). -
Wait for the rollout of the Che server components to be completed.
|
To allow a user to access Che, add them to the If If both |