Creating a Least-Privileged User (Kubernetes)
To create a least-privileged user (LPU) for the management pack, you must complete the following tasks for the Kubernetes cluster you plan to monitor:
- Enable Role-Based Access Control (RBAC) authorization mode
- Install the LPU role
- Obtain the Bearer Token
Enable Role-Based Access Control (RBAC) authorization mode
Before you can install the bluemedora-k8s-lpu.tar.gz file, your cluster must have RBAC authorization enabled.
To enable RBAC authorization mode on your cluster, start your apiserver with the following command:
In some cases, RBAC is enabled by default. If it is already enabled, continue without running this command. If it is not, proceed only after running the command.
Install the LPU Role
Next, install the LPU role by running the following commands:
Obtain the Bearer Token
Finally, after the LPU role has been installed, you can get the Bearer Token needed when Creating a Credential (Kubernetes) by running the following command: