Cluster Administrators should leverage G Suite Groups and Cloud IAM to assign Kubernetes user roles to a collection of users instead of individual emails using only Cloud IAM. On- and off-boarding users is often difficult to automate and prone to error. Using a single source of truth for user permissions via G Suite Groups reduces the number of locations that an individual must be off-boarded from and prevents users from gaining unique permissions sets that increase the cost of audit.
### Tasks
- [x] Cluster setup for RBAC users with Google Groups
Cluster Administrators should leverage G Suite Groups and Cloud IAM to assign Kubernetes user roles to a collection of users instead of individual emails using only Cloud IAM. On- and off-boarding users is often difficult to automate and prone to error. Using a single source of truth for user permissions via G Suite Groups reduces the number of locations that an individual must be off-boarded from and prevents users from gaining unique permissions sets that increase the cost of audit.
Documentation