-
Task
-
Resolution: Done
-
Major
-
None
-
OSSM 2.0.0, OSSM 2.1.0
-
None
-
3
-
False
-
False
Capturing comment conversation from the Service Mesh in 2022 doc.
Multiple customers have expressed the desire for a read-only Kiali - or the ability to have role based permissions.
This feature already exists, you can either install read only Kiali or do it per RBAC permissions for different users.
See the view_only_mode setting: https://github.com/kiali/kiali-operator/blob/v1.41.0/deploy/kiali/kiali_cr.yaml#L406-L410
Here's the docs for Kiali v1.12 (which is the base for Kiali that ships with OSSM 1.1) and the upstream docs for Kiali 1.24 (for OSSM 2.0):
https://kiali.io/documentation/v1.12/getting-started/#_reducing_permissions_in_openshift
and
https://kiali.io/documentation/v1.24/installation-guide/#_reducing_permissions_in_openshift
Kiali is lightly doc'ed in the official OSSM documentation, but this setting is available in the SMCP and is documented here (albeit buried in the example yaml): https://docs.openshift.com/container-platform/4.8/service_mesh/v2x/ossm-reference-smcp.html
See where it shows:
kiali:
name: kiali
enabled: true
install: # install kiali CR if not present
dashboard:
viewOnly: false <<<--- HERE!!!
