Skip to main content
Version: 1.2.x

Application Access Bindings

ApplicationAccessBindings is an assignment of roles to a set of users or teams to access Application resources. The user or team information is obtained from an LDAP server that should have been configured as part of Service Bridge installation. Note that a ApplicationAccessBinding can be created or modified only by users who have SET_POLICY permission on the Application.

The following example assigns the application-admin role to users alice, bob, and members of the t1 team for the application app owned by the tenant mycompany.

apiVersion: rbac.tsb.tetrate.io/v2
kind: ApplicationAccessBindings
metadata:
organization: myorg
tenant: mycompany
application: app
spec:
allow:
- role: rbac/application-admin
subjects:
- user: alice
- user: bob
- team: t1

ApplicationAccessBindings

ApplicationAccessBindings assigns permissions to users of applications.

FieldDescriptionValidation Rule

allow

List of tetrateio.api.tsb.rbac.v2.Binding
The list of allowed bindings configures the different access profiles that are allowed on the resource configured by the policy.