kubernetes google-cloud-platform google-kubernetes-engine google-cloud-iam

How to restrict termination of k8s clusters within a project

How to restrict termination of k8s clusters within a project, to certain users:

dev team creates project-dev k8s cluster
qa team creates project-qa k8s cluster
prod team creates project-prod k8s cluster

How can we prevent dev, qa, prod team members from deleting clusters which they didn't create.

How should we set up RBAC for a Google Cloud project?

Solution

You need to create a project for each team and they create the cluster in their project. If you don't grant the teams in other projects, they won't be able to touch them.

How can I close over variables in kdb/Q?
When is the EACH operator extension necessary in K besides mod/rotate?
Handling single-character strings - in a function or in its caller? ssr()
Kdb+ data fomat when writing to a file
How to convert a symbol to a string in kdb+?
Sum of each two elements using vector functions
A dictionary with a single value and multiple keys
Table transformation, table as list of dicts
Accumulator gives different result then direct function applying
Reshape [cols;table]
FK field over IPC
Protected execution, 2 cases
Enums for tables
Converge (fixed point) syntax difference in q and k
.Q.trp and bt handling
NULLs in q and in k.h
Strange view declaration behaviour
How to build a parse-tree of projections?
Could not evaluate manually created equial ~ parse tree
Select distinct for all columns from keyed table
Parallel execution: blocking receive, deferred synchronous
Multiple variable assignment in q
Select a table from the inside of external select
Select when one of filter-column may not exists
What is the meaning of `s attribute on a table?
On parallel execution - which side reports about an error?
Validate if a keyed table have unique keys
Applying dictionary to dictionary
About xkey implementation
Parse tree built on values from vars