Kubernetes roles and bindings

Role-Based Access Control is only available in Portainer Business Edition.

When managing a Kubernetes environment with Portainer, the Role-Based Access Control (RBAC) configuration is based on two components:

  • Kubernetes' cluster roles and namespace roles (which restrict access to Kubernetes itself)

  • Portainer's authorization flags (which restrict access to Portainer's functionality)

The following tables provide a reference for how our Portainer roles map to capabilities within Kubernetes.

Role Allocations

Cluster Roles

portainer-basic

portainer-helpdesk

portainer-operator

Namespace Roles

portainer-edit

portainer-view

Portainer Access Restrictions

Last updated