Skip to main content
Version: Next 🚧

Creating a custom role

As described in the Authorization reference, Epinio Roles are Kubernetes ConfigMaps with a particular label.

To create a role execute the kubectl command:

cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: ConfigMap
labels: "true"
name: epinio-custom-role
namespace: epinio
id: custom-role
name: "My Custom Role"
actions: |

After that restart the Epinio server pod to force Epinio to reload the extended set of roles. This is done by deleting the pod, causing the Epinio deployment to restart it:

kubectl delete pod -n epinio -l ''

Then, to assign the role to a user, update the user annotation:

# get the old roles assigned to te user
OLD_ROLES=$(kubectl get secrets -n epinio MY_USER -o jsonpath='{.metadata.annotations.epinio\.io/roles}')

# append the new role to them
kubectl annotate secret -n epinio --overwrite MY_USER "$OLD_ROLES,custom-role"

Check the Authorization reference for the list of actions assignable to roles.