Security and access

Access boundaries, RBAC interpretation and secrets-handling expectations for a read-only operational portal.

RBACSecretsRead-only
Docs homeConceptsPlatform structureOperator guideTroubleshootingSecurityReference

Role boundaries

Use RBAC views to identify who can read, write or administer a namespace or service account. A role binding that looks correct in isolation may still be ineffective if the subject, namespace or attached service account is not the one used by the workload.

Service accounts and secrets

The portal is for metadata review, not secret retrieval. Use it to identify service account names, configuration relationships and ownership boundaries; use the standard administrative path for value-level changes or secret inspection.

Read-only behavior

NoteRead-only mode means operators can inspect objects, relationships and current status without mutating the environment from this interface.
  • No direct scaling or restart actions from the portal.
  • No raw secret values in configuration views.
  • Access overviews confirm scope and path, then hand off to the standard privileged route when required.

When to escalate

Escalate when the issue affects role intent rather than object status: inconsistent access, service account misuse, unexpected secret references or repeated policy denials that do not align with expected ownership.

For WS110-specific refusal handling, see WS110 / WS111 / WS112 access behavior.

โ† TroubleshootingData reference โ†’