• Improve this Doc

    Show / Hide Table of Contents

    How to manage OpenShift access in the UKCloud Portal

    Overview

    If your cluster is using OpenShift Container Platform 3.10 or later, you can manage access to OpenShift clusters in the UKCloud Portal so that users need to remember only one lot of credentials and can also take advantage of two-factor authentication (2FA) that is provided via the Portal.

    Note

    UKCloud engineers will sometimes need to add their user accounts (ending in *@ukcloud.com*) to your UKCloud Portal account and OpenShift environment to diagnose issues in response to customer tickets or monitoring alerts. The access will be removed when it is no longer required, however the user may continue to show in the output of the oc get users command. If you have any concerns about a user showing in your account, raise a service request for advice.

    Managing access to an OpenShift cluster

    Note

    If your cluster is using OpenShift Container Platform 3.9, raise a service request to add new users.

    1. Log in to the UKCloud Portal

      For more detailed instructions, see the Getting Started Guide for the UKCloud Portal.

      Note

      You must log in as a Portal administrator.

    2. If necessary, switch to the account that contains the services you want the user to be able to access.

    3. If the user does not already have a UKCloud Portal user account, you'll need to create an account for them first. For more information, see How to create a new user in the UKCloud Portal.

    4. To grant the user permissions to log into your OpenShift cluster, in the navigation panel, expand Contacts, then select All Contacts.

      All Contacts menu option in UKCloud Portal

    5. On the Contacts page, use the Search field to find the user to whom you want to assign OpenShift permissions and then click the Edit button.

      Edit button for Portal contact

    6. On the Edit contact page, select the OpenShift Permissions tab.

      OpenShift permissions tab for Portal contact

    7. Select the check box(es) for the cluster(s) that you want the user to have access to, then click Save

      OpenShift permissions checkboxes

      If you've enabled two-factor authentication (2FA) in the account that includes the OpenShift cluster and the user has set up 2FA for their user account, they'll be prompted to provide a 2FA code when logging in to OpenShift.

    Note

    By default, the user will be able to create new projects in OpenShift but they will be unable to view existing projects. Additional cluster or project roles can be added to the user if required. See the OpenShift Managing role bindings documentation.

    Feedback

    If you find a problem with this article, click Improve this Doc to make the change yourself or raise an issue in GitHub. If you have an idea for how we could improve any of our services, send an email to feedback@ukcloud.com.

    ☀
    ☾
    Generated by DocFX
    Back to top
    © UKCloud Ltd, 2022. All Rights Reserved.
    Privacy Policy. Terms of Use. Contribute.

    The UKCloud Knowledge Centre uses cookies to ensure that we give you the best experience on our website. If you continue we assume that you consent to receive all cookies on this website.