diff --git a/pages/kubernetes/how-to/connect-cluster-kubectl.mdx b/pages/kubernetes/how-to/connect-cluster-kubectl.mdx index 852f4131c1..89cc0408b1 100644 --- a/pages/kubernetes/how-to/connect-cluster-kubectl.mdx +++ b/pages/kubernetes/how-to/connect-cluster-kubectl.mdx 
@@ -30,22 +30,11 @@ If your Organization uses IAM to control access, ensure that you or your group/a - `KubernetesFullAccess` (or `KubernetesReadOnly`, depending on your needs): Grants you the ability to manage (or list/read) Kubernetes clusters, nodes, and related actions in your Scaleway Project. -To create a new policy with the correct permission sets, follow these steps: - -### Configure an IAM policy - -1. **Create a new policy**: Navigate to the **Policies** tab in your Organization’s IAM console and create a new policy. -2. **Add your user (or group/application)**: Assign your user, group, or application as the **Principal**. -3. **Add an IAM rule**: - - **Scope**: Set to **Access to resources** and specify the desired Project(s). - - **Permission Sets**: Include the following as needed: - - `KubernetesFullAccess` for full cluster management. - - `KubernetesReadOnly` for read-only access. -4. Click **Validate** and then **Create Policy**. - - - Refer to our [policy and permission sets documentation](/iam/reference-content/permission-sets/) for more details. - - Scaleway may **automatically generate IAM resources**, such as applications, groups and policies. Refer to [auto-generated IAM resources](/iam/reference-content/auto-generated-iam-resources/) for further information. - +If you have not yet configured IAM on your account, you can generate a `kubeconfig` file with IAM and the required permission sets from the Scaleway console after creating a cluster. + + +For detailed information about the configuration of IAM policies for your Kubernetes clusters, refer to our dedicated documentation [Setting IAM permissions and implementing RBAC on a cluster](/kubernetes/reference-content/set-iam-permissions-and-implement-rbac/). + ## Accessing the cluster diff --git a/pages/kubernetes/reference-content/set-iam-permissions-and-implement-rbac.mdx b/pages/kubernetes/reference-content/set-iam-permissions-and-implement-rbac.mdx index 5eb6d503e9..51e0696591 100644 
--- a/pages/kubernetes/reference-content/set-iam-permissions-and-implement-rbac.mdx +++ b/pages/kubernetes/reference-content/set-iam-permissions-and-implement-rbac.mdx @@ -31,6 +31,26 @@ An [IAM policy](/iam/concepts/#policy) defines the permissions for users, groups The combination of IAM and Kubernetes RBAC allows you to define fine-grained access levels for cluster users. + + For more information on how to download and use the `kubeconfig` file with IAM permissions, refer to [How to connect to a Kubernetes Kapsule cluster with kubectl](/kubernetes/how-to/connect-cluster-kubectl/). + + +### Configuring an IAM policy + +To create a new policy with the correct permission sets using the [Scaleway console](https://console.scaleway.com/), follow these steps: + +1. **Create a new policy**: Navigate to the **Policies** tab in your Organization’s IAM console and [create a new policy](/iam/how-to/create-policy/). +2. **Add your user (or group/application)**: Assign your user, group, or application as the **Principal**. +3. **Add an IAM rule**: + - **Scope**: Set to **Access to resources** and specify the desired Project(s). + - **Permission Sets**: Include the following, as needed: + - `KubernetesFullAccess` for full cluster management. + - `KubernetesReadOnly` for read-only access. +4. Click **Validate** and then **Create Policy**. + + - Refer to our [policy and permission sets documentation](/iam/reference-content/permission-sets/) for more details. + - Scaleway may **automatically generate IAM resources**, such as applications, groups and policies. Refer to [auto-generated IAM resources](/iam/reference-content/auto-generated-iam-resources/) for further information. + ### Mapping IAM permission sets to Kubernetes groups
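Review bot: In the first hunk (connect-cluster-kubectl.mdx), the added sentence "you can generate a `kubeconfig` file with IAM and the required permission sets" does not say which IAM resources the console creates or which permission set they receive (`KubernetesFullAccess` or `KubernetesReadOnly`). The same hunk removes the note about automatically generated IAM resources from this page, so a reader no longer sees here that such resources exist. Suggest naming the permission set that is granted and linking /iam/reference-content/auto-generated-iam-resources/ directly from this sentence, so users can review what was created on their behalf.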
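Review bot: In the second hunk (set-iam-permissions-and-implement-rbac.mdx), step 3 offers `KubernetesFullAccess` and `KubernetesReadOnly` with only "Include the following, as needed" as guidance, which gives no default for readers who are unsure. Suggest recommending `KubernetesReadOnly` as the starting point and reserving `KubernetesFullAccess` for principals that manage clusters, and wording the **Scope** bullet so that it points to the specific Project(s) that hold the cluster. This keeps the documented procedure aligned with the fine-grained access the surrounding section describes.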