Hmm this is what I understood from both David and you. Options 1:
1. Grant Cluster “admin” role to robot account (not cluster-admin but just cluster ‘admin’ role) 2. Robot user being used (token) to create/modify/delete project1 3. Grant user1 to project admin access. Once user1 has project admin access, user1 can him self grant project admin/edit/view roles to his team mates 4. Setup quota limits etc at project1 level by robot user Option 2: 1. Create a custom role with required rules to robot account 2. Repeat above steps Am not sure what is the difference between cluster-admin Vs admin roles at cluster bindings. After looking at role bindings, cluster-admin has more power then admin roles Please confirm whether my understanding above is correct or not. -- Srinivas Kotaru On 8/4/16, 2:48 PM, "[email protected] on behalf of Tobias Florek" <[email protected] on behalf of [email protected]> wrote: >Hi Srinivas, > >I don't think you got the David's points. In order to grant "admin" to >any other user, the user granting needs to have (at least) admin >privileges. If this account should do that in any project, it will need >admin privileges in any project. > >I hope I explained it in a coherent manner. > >Good luck with the setup, > Tobi(as Florek) > >_______________________________________________ >users mailing list >[email protected] >http://lists.openshift.redhat.com/openshiftmm/listinfo/users _______________________________________________ users mailing list [email protected] http://lists.openshift.redhat.com/openshiftmm/listinfo/users
