Skip to content

Access model

Afi Kubernetes Backup can be managed both via the Afi portal and via kubectl through the API based on Kubernetes Custom Resource Definitions (CRDs).

Access roles in the Afi portal

Afi account (organization) administrator can add additional organization and tenant administrators to manage account and tenant settings, configure backups and perform data recovery and export.

Organization administrators are configured on the Configuration → Admins tab and have full control over organization settings (access control, licensing, etc.) as well as over tenants inside the organization (you can add and manage several tenants, ex. Kubernetes clusters, under a single Afi account).

Tenant administrators and backup operators (less privileged administrators) are configured on the Service → Settings → Access groups tab and have access to a specific tenant.

Access roles in cluster

When managing Afi Kubernetes Backup via kubectl, the access is provided based on configured roles and role bindings in a cluster.