Tetrate Service BridgeVersion: 1.6.xAccess Bindings
AccessBindings is an assignment of roles to a set of users or teams
to access resources. The user or team information is obtained from
an user directory (such an LDAP server or an external OIDC server)
that should have been configured as part of Service Bridge installation.
Note that an AccessBinding can be created or modified only by users
who have SET_POLICY permission on the target resource.
The following example assigns the workspace-admin role to users
alice, bob, and members of the t1 team for the workspace w1
owned by the tenant mycompany.
Use fully-qualified name (fqn) when specifying the target resource, as well as for the users and teams.
apiVersion: rbac.tsb.tetrate.io/v2
kind: AccessBindings
metadata:
fqn: organizations/myorg/tenants/mycompany/workspaces/w1
spec:
allow:
- role: rbac/workspace-admin
subjects:
- user: organizations/myorg/users/alice
- user: organizations/myorg/users/bob
- team: organizations/myorg/teams/t1
AccessBindings
AccessBindings assigns permissions to users of any TSB resource.
| Field | Description | Validation Rule |
|---|---|---|
allow | List of tetrateio.api.tsb.rbac.v2.Binding | – |