Tetrate Istio Subscription PlusVersion: LatestWorkspace Access Bindings
Tetrate Istio Subscription Plus (TIS+) utilizes many of the same components as the Tetrate Service Bridge(TSB) product but has the several distinctions.
DEPRECATED: use Access Bindings instead.
WorkspaceAccessBindings is an assignment of roles to a set of users or
teams to access resources under a Workspace. The user or team
information is obtained from an LDAP server that should have been
configured as part of Istio Subscription Plus installation. Note that a
WorkspaceAccessBinding can be created or modified only by users who
have SET_POLICY permission on the Workspace.
The following example assigns the workspace-admin role to users
alice, bob, and members of the t1 team for all workspace w1
owned by the tenant mycompany. Use fully-qualified name (fqn) when specifying user and team
apiVersion: rbac.tsb.tetrate.io/v2
kind: WorkspaceAccessBindings
metadata:
organization: tis+
tenant: tis+
workspace: w1
spec:
allow:
- role: rbac/workspace-admin
subjects:
- user: organization/myorg/users/alice
- user: organization/myorg/users/bob
- team: organization/myorg/teams/t1
WorkspaceAccessBindings
WorkspaceAccessBindings assigns permissions to users of workspaces.
| Field | Description | Validation Rule |
|---|---|---|
allow | List of tetrateio.api.tsb.rbac.v2.Binding | – |