Custom roles configuring
Let’s assume that we need a role that only allows to run any check action on a cluster. In order to create it, we have to include the
Cluster Action: Check and
Service Action: Check permissions. We create a new role with those permissions included and name it
Cluster action check.
We create a new policy (
Action check) to implement the
Cluster action check role. We select the
user user to be affected by this policy.
We select the
Hive service and the
ADH cluster for the
Action check policy.
Action check policy is created, the
user is able to run check actions for the
ADH cluster and the
If we didn’t include the
Service Action: Check permission into the
Cluster action check role, we wouldn’t be able to select any service when creating the
Action check policy. The objects available to select when creating a new policy depend on the permissions included in the role a new policy is based on.