This is a cache of https://docs.openshift.com/dedicated/osd_install_access_delete_cluster/osd-revoking-cluster-privileges.html. It is a snapshot of the page at 2024-11-24T05:13:27.104+0000.
Revoking privileges and access to an OpenShift Dedicated cluster | Installing, accessing, and deleting OpenShift Dedicated clusters | OpenShift Dedicated
×

As cluster owner, you can revoke admin privileges and user access to a OpenShift Dedicated cluster.

Revoking administrator privileges from a user

Follow the steps in this section to revoke dedicated-admin privileges from a user.

Prerequisites
  • You logged in to OpenShift Cluster Manager.

  • You created an OpenShift Dedicated cluster.

  • You have configured a GitHub identity provider for your cluster and added an identity provider user.

  • You granted dedicated-admin privileges to a user.

Procedure
  1. Navigate to OpenShift Cluster Manager and select your cluster.

  2. Click the Access control tab.

  3. In the Cluster Roles and Access tab, select kebab next to a user and click Delete.

Verification
  • After revoking the privileges, the user is no longer listed as part of the dedicated-admins group under Access controlCluster Roles and Access on the OpenShift Cluster Manager page for your cluster.

Revoking user access to a cluster

You can revoke cluster access from an identity provider user by removing them from your configured identity provider.

You can configure different types of identity providers for your OpenShift Dedicated cluster. The following example procedure revokes cluster access for a member of a GitHub organization or team that is configured for identity provision to the cluster.

Prerequisites
  • You have an OpenShift Dedicated cluster.

  • You have a GitHub user account.

  • You have configured a GitHub identity provider for your cluster and added an identity provider user.

Procedure
  1. Navigate to github.com and log in to your GitHub account.

  2. Remove the user from your GitHub organization or team:

Verification
  • After removing the user from your identity provider, the user cannot authenticate into the cluster.