Difference between revisions of "Kubernetes RBAC"

From wikieduonline
Jump to navigation Jump to search
 
(18 intermediate revisions by 3 users not shown)
Line 1: Line 1:
[[Kubernetes]] [[RBAC]] uses the <code>rbac.authorization.k8s.io</code> [[API]] Group
+
[[Kubernetes]] [[RBAC]] uses the <code>rbac.authorization.k8s.io</code> [[API]] Group, GA since [[Kubernetes 1.8]] (Sep 2017)
  
 
https://kubernetes.io/docs/reference/access-authn-authz/rbac/
 
https://kubernetes.io/docs/reference/access-authn-authz/rbac/
  
 +
== Commands ==
 
* <code>[[kubectl create role]]</code>
 
* <code>[[kubectl create role]]</code>
 
* <code>[[kubectl create clusterrole]]</code>
 
* <code>[[kubectl create clusterrole]]</code>
Line 12: Line 13:
 
* <code>[[kubectl auth can-i]]</code>
 
* <code>[[kubectl auth can-i]]</code>
  
== Roles ==
+
== [[K8s Cluster roles]] ==
* https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
+
https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
: <code>[[cluster-admin]]</code>
+
{{K8s roles TOC}}
: <code>[[admin]]</code>
+
 
: <code>[[edit]]</code>
+
Review https://medium.com/codex/how-to-provide-access-to-aws-eks-for-sso-users-via-aws-sso-to-view-and-manage-the-cluster-17e2acfd6a35 for screenshoots of AWS EKS console depending of different roles.
: <code>[[view]]</code>
+
 
 +
Related: <code>[[groups:]]</code>, <code>[[kubectl get clusterroles]]</code>
  
 
== Related terms ==
 
== Related terms ==
* <code>[[kubectl create]]</code>
+
* [[cluster-read-only-role]]
 +
* [[Kubernetes tokens]]
 
* [[Attribute-based access control (ABAC)]]
 
* [[Attribute-based access control (ABAC)]]
* <code>[[kubectl get role]]</code>
+
* [[Kubernetes service account]]:  <code>[[kubectl create serviceaccount]]</code>
* [[CKA 1.23]]: Manage [[role based access control]] (RBAC)
+
* [[CKA 1.23]]: [[Manage role based access control (RBAC)]]
* [[CKA 1.20]]
+
* [[AWS Controllers for Kubernetes (ACK)]]
* <code>[[kubectl create serviceaccount]]</code>
 
* [[ACK]]
 
 
* [[Amazon EKS authorization]]
 
* [[Amazon EKS authorization]]
 +
* [[Amazon EKS cluster endpoint (API server) access control]]
 +
 +
== Activities ==
 +
* Learn the differences between <code>[[Role]]</code> and <code>[[ClusterRole]]</code>: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#role-and-clusterrole
  
 
== News ==
 
== News ==
Line 36: Line 41:
 
* {{kubectl auth}}
 
* {{kubectl auth}}
 
* {{Kubernetes RBAC}}
 
* {{Kubernetes RBAC}}
* {{RBAC}}
 
  
 
[[Category:Kubernetes]]
 
[[Category:Kubernetes]]

Latest revision as of 10:59, 10 July 2024

Kubernetes RBAC uses the rbac.authorization.k8s.io API Group, GA since Kubernetes 1.8 (Sep 2017)

https://kubernetes.io/docs/reference/access-authn-authz/rbac/

Commands[edit]


K8s Cluster roles[edit]

https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles

Review https://medium.com/codex/how-to-provide-access-to-aws-eks-for-sso-users-via-aws-sso-to-view-and-manage-the-cluster-17e2acfd6a35 for screenshoots of AWS EKS console depending of different roles.

Related: groups:, kubectl get clusterroles

Related terms[edit]

Activities[edit]

News[edit]

See also[edit]

  • https://www.mirantis.com/blog/whats-new-kubernetes-1-6-focus-stability/
  • Advertising: