Kerberos, by design, focuses on authentication only. It provides the user’s principal and is not managing user groups.
For managing the authorization (fine-grained permissions) of users:
1. First, create permissions for a group of users
In the above example, we are creating 2 x new user groups for development and devops,
their associated data and application security and any self-service admin-level capabilities.
2. Then add users to groups:
In the above example, we are adding the user with the principal in the format username@REALM as a member
of the DevOps group.
3. That’s it.
Now you have fine-grain permissions on groups of users via Kerberos authentication.
For automation use the APIs or the CLI for GitOps.
On this page