debian-mirror-gitlab/doc/install/kubernetes/preparation/rbac.md

# Role Based Access Control

Until Kubernetes 1.7, there were no permissions within a cluster. With the launch
of 1.7, there is now a [role based access control system (RBAC)](https://kubernetes.io/docs/admin/authorization/rbac/)
which determines what services can perform actions within a cluster.

RBAC affects a few different aspects of GitLab:

- [Installation of GitLab using Helm](tiller.md#preparing-for-helm-with-rbac)
- Prometheus monitoring
- GitLab Runner

## Checking that RBAC is enabled

Try listing the current cluster roles, if it fails then `RBAC` is disabled.
The following command will output `false` if `RBAC` is disabled and `true` otherwise:

```sh
kubectl get clusterroles > /dev/null 2>&1 && echo true || echo false
```
New upstream version 11.8.10+dfsg 2019-05-30 16:15:17 +05:30			`# Role Based Access Control`
New upstream version 11.1.8+dfsg 2018-11-08 19:23:39 +05:30
New upstream version 11.8.10+dfsg 2019-05-30 16:15:17 +05:30			`Until Kubernetes 1.7, there were no permissions within a cluster. With the launch`
			`of 1.7, there is now a [role based access control system (RBAC)](https://kubernetes.io/docs/admin/authorization/rbac/)`
			`which determines what services can perform actions within a cluster.`

			`RBAC affects a few different aspects of GitLab:`

			`- [Installation of GitLab using Helm](tiller.md#preparing-for-helm-with-rbac)`
			`- Prometheus monitoring`
			`- GitLab Runner`

			`## Checking that RBAC is enabled`

			Try listing the current cluster roles, if it fails then `RBAC` is disabled.
			The following command will output `false` if `RBAC` is disabled and `true` otherwise:

			```sh
			`kubectl get clusterroles > /dev/null 2>&1 && echo true \|\| echo false`
			```