KubeVirt Multi-Tenant RBAC and Audit Governance

Shepherd helps platform teams expose KubeVirt to multiple teams with role-based access, scoped ownership, and auditable VM operations.

Separate platform control from tenant access

Multi-tenant KubeVirt operations need more than Kubernetes permissions alone. Platform teams need global controls, while application teams need scoped access to the VMs, services, systems, namespaces, and environments they own.

Dual-layer RBAC

Shepherd combines platform-facing RBAC with application ownership and environment scoping. The goal is to make daily access understandable to users while keeping administrative capabilities under explicit control.

  • Platform roles govern global capabilities.
  • System and service membership scopes access to managed resources.
  • Environment-aware binding helps separate production and non-production responsibility.

Audit trails for shared environments

When many teams share KubeVirt infrastructure, audit history becomes operational data. Shepherd records who requested, approved, and performed changes so reviews do not depend on scattered chat logs or shell history.

Questions teams ask

Does Shepherd provide multi-tenant KubeVirt management?

Yes. Shepherd is built around scoped access, role bindings, service ownership, and audit trails so multiple teams can use KubeVirt through a governed portal.

Is Kubernetes RBAC still used?

Kubernetes remains the infrastructure permission layer. Shepherd adds a product-level authorization and workflow layer that is easier to align with team ownership and approval rules.