Uploaded image for project: 'Product Technical Learning'
  1. Product Technical Learning
  2. PTL-15127

DO316: ch10s03 - comprehensive review lab clusterrole assignment discrepancy - RHT2400668

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • DO316 - OCP4.16-en-4-20250704
    • DO316 - OCP4.16-en-3-20250110
    • DO316
    • None
    • False
    • Hide

      None

      Show
      None
    • False
    • 10
    • en-US (English)

      URL: ch10s03
      Reporter RHNID: bmerot
      Section title: Lab: Use a Template to Deploy a Virtual Machine and Prepare a Node for Maintenance
      Language: English

      Issue description

      The lab incorrectly assigns the broad 'admin' ClusterRole to the 'vm-admins' group, contradicting the course's emphasis on least privilege. The ClusterRole should be changed to 'kubevirt.io:admin' for better security and alignment with course teachings.

      This is part of the chapter2 lab review that applies the same principle of the least privilege grant. 

      https://rol.redhat.com/rol/app/courses/do316-4.16/pages/ch02s09

       

       

      Workaround:
      Change the ClusterRole assigned to the 'vm-admins' group from 'admin' to 'kubevirt.io:admin'.

       

        1. image-2025-06-23-16-26-27-652.png
          image-2025-06-23-16-26-27-652.png
          176 kB
        2. image-2025-06-23-16-23-24-943.png
          image-2025-06-23-16-23-24-943.png
          9 kB

              rht-bgargallo Bernardo Andres Gargallo Jaquotot
              carias@redhat.com Carlos Arias
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: