Create a Slice Workspace with Scoped Access
This use case shows how to create a new workspace and configure RBAC so users can only access resources in the namespaces associated with the workspace.
Ensure that you have registered for EGS and met the other prerequisites.
Perform the following steps to create a workspace and configure access to it:
- Install EGS using the script.
- Create the intended namespaces in the Kubernetes clusters that will be associated with workspaces.
- Access the Admin Portal by following the steps described in this topic.
- On the Admin Portal, go to k8s clusters on the left sidebar to register the worker clusters on which you created the namespaces.
  For detailed steps, see register worker clusters.
- Go to Slice Workspaces on the left sidebar to create a workspace. For detailed steps, see Slice Workspace Operations.
- Go to Namespaces on the left sidebar to onboard namespaces from your worker clusters onto the newly created workspace. For detailed steps, see Onboarding Namespaces.
- Go to RBAC on the left sidebar, select your slice workspace, and click Assign Roles.
  Select a service account and assign the deployment-role-template role, then click Next, select deployment-role-template, and assign namespaces to it.
  Finish by applying the generated YAML.
  For detailed steps, see Manage RBAC.
- After you assign roles and select Done, you return to the RBAC page. Download the KubeConfig file for accessing your worker clusters by clicking it for your slice workspace.
  For detailed steps, see download the KubeConfig file.
  A user with this KubeConfig file may access only the namespaces associated with the slice workspace.
- Go to Users towards the bottom of the left sidebar. On the Users page, click Add User. For more detailed steps on how to add a new user, see Manage Users.
- An Admin can create either a token or an API token and share it with the user to access the User Portal. For detailed steps, see:
- As a user, you can view the slice workspace resources and API tokens, and create GPRs and inflection endpoints. For more details, see User Operations.
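
A check for the scoping claim in the KubeConfig step above, added here as an example (not part of the EGS documentation): it uses `kubectl auth can-i` to confirm that the downloaded file works in the workspace namespaces and is denied everywhere else. The file path, namespace names and verb/resource pairs are assumptions; adjust them to the role you assigned.

```shell
#!/usr/bin/env bash
# Added example: verify that a workspace KubeConfig is limited to its namespaces.
# Assumptions (not from the EGS docs): the verb:resource pairs in CHECKS and the
# namespace names in the usage line are placeholders for your own values.

KUBECTL="${KUBECTL:-kubectl}"   # can be overridden to dry-run without a cluster
CHECKS="${CHECKS:-get:pods list:deployments create:deployments}"

# can_i KUBECONFIG NAMESPACE VERB RESOURCE
# Succeeds only when the API server answers "yes" for this identity.
can_i() {
  [ "$("$KUBECTL" --kubeconfig "$1" auth can-i "$3" "$4" -n "$2" 2>/dev/null)" = "yes" ]
}

# verify_scope KUBECONFIG "WORKSPACE_NAMESPACES" "OTHER_NAMESPACES"
# Prints one line per unexpected answer; returns 1 if there was any finding.
verify_scope() {
  local cfg="$1" allowed="$2" forbidden="$3" rc=0 ns check verb res
  for ns in $allowed; do
    for check in $CHECKS; do
      verb="${check%%:*}"; res="${check#*:}"
      if ! can_i "$cfg" "$ns" "$verb" "$res"; then
        # The role binding is missing or narrower than intended.
        echo "MISSING $verb $res in $ns (workspace namespace)"
        rc=1
      fi
    done
  done
  for ns in $forbidden; do
    for check in $CHECKS; do
      verb="${check%%:*}"; res="${check#*:}"
      if can_i "$cfg" "$ns" "$verb" "$res"; then
        # Access outside the workspace: the binding is broader than the
        # namespaces onboarded to the slice workspace.
        echo "LEAK $verb $res in $ns (outside workspace)"
        rc=1
      fi
    done
  done
  return "$rc"
}

# Usage (constructed names):
#   verify_scope ./workspace-kubeconfig.yaml "team-a team-b" "kube-system default"
```

Run it once per worker cluster context in the file, and include in the second list at least one namespace that belongs to a different slice workspace.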