Kubernetes IAM

Overview

Thalassa Cloud’s Kubernetes IAM (Identity and Access Management) system provides a centralized way to manage access to your Kubernetes clusters. The system uses a combination of cluster roles and role bindings to control access across all clusters in your organization.

Key Features

  • Centralized Access Management: Manage access to all clusters from a single interface
  • Team-Based Access Control: Organize users into teams for easier management
  • Predefined Cluster Roles: Use our carefully designed roles for different access levels
  • Automatic Propagation: Role bindings are automatically applied to all clusters
  • Audit Trail: Track all access changes and permission modifications

Getting Started

  1. Review Available Roles: Understand the different cluster roles and their permissions
  2. Create Teams: Organize your users into teams based on their responsibilities
  3. Assign Roles: Link teams to appropriate cluster roles
  4. Verify Access: Test access to ensure permissions are correctly applied

Best Practices

  • Use teams instead of individual user assignments
  • Follow the principle of least privilege
  • Regularly audit access permissions
  • Document team structures and role assignments
  • Review and update access when team members change roles

Future Enhancements

We are continuously improving our IAM system. Planned enhancements include:

  • Per-cluster role bindings
  • Project-level access control