An account defines the permissions of a user within a certain cluster (authorization).
Users in loft do not automatically have access to clusters. To give a user access to a cluster, you need to create an account for this user within the cluster.
Copy Cluster Accounts
When creating a new user, loft offers the option to copy cluster accounts from an existing user. You could also create a "template user," configure all cluster accounts and quotas for this template user, and then add the rest of your team by copying the accounts when adding the users.
Space Creation Settings
If you open the form to create or edit a cluster account, you will see the section "Space Creation Settings" which provides the following options:
- Space Limit to set a maximum number of namespaces for this account
- Timeout for Automatic Sleep Mode to enable automatic sleep mode after a certain period of inactivity
- Enforce Templates to specify templates which will be instantiated when creating a space with this account
- Labels & Annotations to specify metadata which should be set when creating a space3
Deleting an account will also delete:
- all AccountQuotas created for the account
- all spaces owned by the account
- all RBAC objects associated with the account and its spaces
Deletion of these objects will be handled by Kubernetes OwnerReferences.