$ rosa revoke user dedicated-admin --user=<idp_user_name> --cluster=<cluster_name>
Delete access to a Red Hat OpenShift Service on AWS (ROSA) cluster using the rosa
command-line.
AWS Security Token Service (STS) is the recommended credential mode for installing and interacting with clusters on Red Hat OpenShift Service on AWS (ROSA) because it provides enhanced security. |
dedicated-admin
access using the ROSA cliYou can revoke access for a dedicated-admin
user if you are the user who created the cluster, the organization administrator user, or the super administrator user.
You have added an Identity Provider (IDP) to your cluster.
You have the IDP user name for the user whose privileges you are revoking.
You are logged in to the cluster.
Enter the following command to revoke the dedicated-admin
access of a user:
$ rosa revoke user dedicated-admin --user=<idp_user_name> --cluster=<cluster_name>
Enter the following command to verify that your user no longer has dedicated-admin
access. The output does not list the revoked user.
$ oc get groups dedicated-admins
cluster-admin
access using the ROSA cliOnly the user who created the cluster can revoke access for cluster-admin
users.
You have added an Identity Provider (IDP) to your cluster.
You have the IDP user name for the user whose privileges you are revoking.
You are logged in to the cluster.
Enter the following command to revoke the cluster-admin
access of a user:
$ rosa revoke user cluster-admins --user=myusername --cluster=mycluster
Enter the following command to verify that the user no longer has cluster-admin
access. The output does not list the revoked user.
$ oc get groups cluster-admins