It is confusing and documentation is not clear to understand it properly. Any help understanding will be appreciated.
If you are organizationAdmin, and created a Cloud API key, does it automatically have environmentAdmin and ClsuterAdmin permissions?
Are APIKeys needed for each cluster to use the REST API’s, is it possible to create APIKey at the Organization level?
If you are organizationAdmin, and created a Cloud API key, does it automatically have environmentAdmin and ClsuterAdmin permissions?
OrganizationAdmin is the highest privileged role, so it would be a “super set” of EnvironmentAdmin and CloudClusterAdmin [and other] roles. An API key is associated with a user/service account, so inherits that account’s permissions.
Are APIKeys needed for each cluster to use the REST API’s
Depends on the REST API endpoint. See REST API Authentication
is it possible to create APIKey at the Organization level?
Cloud API keys are the only type of keys scoped at the Organization level
@brendan-s : Thank you for the response. I understand now, and feel more comfortable now.