In the Administration → Access management → Users section, click the Add user button above the list of users.
In the window that opens, specify the following settings:
User name is a unique value that must be assigned to a user for identification within Kaspersky Container Security.
A user name can include only letters of the English alphabet and numerals. The minimum user name length is 4 characters, and the maximum user name length is 254 characters.
Display name (optional) is the value that is displayed in the solution web interface. If this parameter is not specified, the user name is displayed in the web interface.
Email (optional).
Enter the password in the Password field.
Passwords have the following requirements:
The password must contain numerals, special characters, and uppercase and lowercase letters.
The minimum password length is 6 characters, and the maximum password length is 72 characters. The default password length is 8 characters.
Confirm the entered password in the Confirm password field.
Select the check box if the user should change the password the next time the solution starts.
While you are not required to assign a role when creating a user, a new user without an assigned role will not be able to interact with Kaspersky Container Security.
Click Add.
To add a user, permission to view and configure settings is required. If you do not have this permission, any user you add will only be able to view the main page of the solution.
To add a user role:
In the Administration → Access management → Roles section, click the Add role button above the list of roles.
In the displayed sidebar, go to the General information tab and specify the following:
Role ID is a unique value that must be assigned to a role for identification within Kaspersky Container Security.
The role ID can include uppercase Latin letters and numbers. A role ID cannot contain special characters or spaces.
Role name is the value displayed in the solution web interface.
Description (optional).
Scope is a setting that is used to differentiate access to resources.
Active Directory groups lists Active Directory groups that the user is a member of.
Go to Permissions tab and for each solution functionality, select one of the following access permission options for the role that you are creating:
No access.
View.
View and manage.
View and run rescan.
Click Add.
To add a scope:
In the Administration → Access management → Scopes section, click the Add scope button above the table with the list of scopes.
In the window that opens, specify the scope name and, if necessary, a scope description.
In the Resources section, select the resources for the scope:
Click the Add resources by registry button, and in the drop-down list, select the registries for the scope. You can define a more specific scope by selecting specific repositories and images from these repositories in the drop-down list.
Click the Add resources by cluster button and select the orchestrators for the scope from the drop-down list. You can define a more specific scope by selecting specific clusters, namespaces, and images from the orchestrators used to deploy the containers in the clusters.
You do not need to specify the resources to which you want to grant monitoring access. The solution can create scopes without specifying resources in them.