To add cluster admin privileges to a particular user do the following.
When authenticating to the Openshift cluster via ACO, it will automatically create a User object within Openshift. eg:
kind: User apiVersion: user.openshift.io/v1 metadata: name: email@address.com ...
Created a Group ocp-ci-admins, and added the following users. Each "user" corresponds with the metadata, name for the corresponding User object.
kind: Group apiVersion: user.openshift.io/v1 metadata: name: ocp-ci-admins selfLink: /apis/user.openshift.io/v1/groups/ocp-ci-admins uid: 24a5ad4d-7ee0-4e30-8f92-4b398ba5d389 resourceVersion: '6800501' creationTimestamp: '2020-05-27T16:03:26Z' users: - email@address.com
Added a ClusterRoleBinding, to bind our Group ocp-ci-admins to the ClusterRole cluster-admin
kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: ocp-ci-cluster-admins selfLink: /apis/rbac.authorization.k8s.io/v1/clusterrolebindings/ocp-ci-cluster-admins uid: 7979a53b-6597-4ec7-9d6c-53b5ab8004c7 resourceVersion: '6799178' creationTimestamp: '2020-05-27T16:03:58Z' subjects: - kind: Group apiGroup: rbac.authorization.k8s.io name: ocp-ci-admins roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin