Applying the required permissions to the projects (namespaces) for an instance of IBM Cloud Pak for Data
Before you install an instance of IBM Cloud Pak for Data, you must ensure that the project where the operators will be installed can watch the project where the Cloud Pak for Data control plane and services are installed.
- Installation phase
- Setting up a client workstation
- Who needs to complete this task?
-
Cluster administrator A cluster administrator must complete this task.
- When do you need to complete this task?
-
Repeat as needed If you plan to install multiple instances of Cloud Pak for Data, you must repeat this task for each instance that you plan to install.
Before you begin
Best practice: You can run the commands in
this task exactly as written if you set up environment variables. For instructions, see Setting up installation environment variables.
Ensure that you source the environment variables before you run the commands in this task.
About this task
You must run the authorize-instance-topology
command
to apply the required permissions to the projects that are associated with an instance of IBM Cloud Pak for Data.
The command:
- Creates the specified projects if they don't already exist.
- Creates the
NamespaceScope
operator in the operators project. - Applies the require role to the operands project and any tethered projects.
- Binds the applied role to the service account of the
NamespaceScope
operator.
Procedure
To apply the required permissions to the projects: