Difference between revisions of "Kubectl get clusterroles"
Jump to navigation
Jump to search
(31 intermediate revisions by 5 users not shown) | |||
Line 1: | Line 1: | ||
{{lc}} | {{lc}} | ||
+ | * <code>[[kubectl get]] [[clusterroles]]</code> | ||
+ | |||
+ | |||
+ | [[eks:]] | ||
+ | [[system:]] | ||
+ | |||
+ | * <code>kubectl create clusterrolebinding view-youruser [[--clusterrole]]=[[view]] [[--serviceaccount]]=youruser:default</code> | ||
+ | |||
+ | == [[EKS]] == | ||
+ | |||
+ | [[admin]], [[cluster-admin]], [[edit]], [[view]] | ||
− | |||
[[kubectl get]] clusterroles | [[kubectl get]] clusterroles | ||
NAME CREATED AT | NAME CREATED AT | ||
− | admin 2022-06-22T14:31:15Z | + | [[admin]] 2022-06-22T14:31:15Z |
aws-node 2022-06-22T14:31:18Z | aws-node 2022-06-22T14:31:18Z | ||
cert-manager-cainjector 2022-06-30T08:30:31Z | cert-manager-cainjector 2022-06-30T08:30:31Z | ||
Line 15: | Line 25: | ||
cert-manager-edit 2022-06-30T08:30:31Z | cert-manager-edit 2022-06-30T08:30:31Z | ||
cert-manager-view 2022-06-30T08:30:31Z | cert-manager-view 2022-06-30T08:30:31Z | ||
− | cluster-admin 2022-06-22T14:31:15Z | + | [[cluster-admin]] 2022-06-22T14:31:15Z |
edit 2022-06-22T14:31:15Z | edit 2022-06-22T14:31:15Z | ||
eks:addon-manager 2022-06-22T14:31:19Z | eks:addon-manager 2022-06-22T14:31:19Z | ||
Line 30: | Line 40: | ||
eks:podsecuritypolicy:privileged 2022-06-22T14:31:19Z | eks:podsecuritypolicy:privileged 2022-06-22T14:31:19Z | ||
nginx-ingress 2022-06-29T18:56:31Z | nginx-ingress 2022-06-29T18:56:31Z | ||
− | system:aggregate-to-admin 2022-06-22T14:31:15Z | + | [[system:]]aggregate-to-admin 2022-06-22T14:31:15Z |
system:aggregate-to-edit 2022-06-22T14:31:15Z | system:aggregate-to-edit 2022-06-22T14:31:15Z | ||
system:aggregate-to-view 2022-06-22T14:31:15Z | system:aggregate-to-view 2022-06-22T14:31:15Z | ||
Line 89: | Line 99: | ||
system:service-account-issuer-discovery 2022-06-22T14:31:15Z | system:service-account-issuer-discovery 2022-06-22T14:31:15Z | ||
system:volume-scheduler 2022-06-22T14:31:15Z | system:volume-scheduler 2022-06-22T14:31:15Z | ||
− | view 2022-06-22T14:31:15Z | + | [[view]] 2022-06-22T14:31:15Z |
vpc-resource-controller-role 2022-06-22T14:31:22Z | vpc-resource-controller-role 2022-06-22T14:31:22Z | ||
+ | == Related == | ||
+ | * <code>[[kubectl get roles -A]]</code> | ||
+ | * <code>[[kubectl get rolebindings -A]]</code> | ||
+ | * <code>[[kubectl get clusterrolebindings]]</code> | ||
+ | * <code>[[kind: ClusterRole]]</code> | ||
+ | * <code>[[kubectl describe clusterroles]]</code> | ||
+ | * [[K8s Cluster roles]] | ||
+ | * <code>[[aws-auth]]</code> | ||
== See also == | == See also == | ||
− | * {{kubectl | + | * {{system:}} |
− | * {{ | + | * {{kubectl describe roles}} |
− | * {{ | + | * {{Kubernetes roles}} |
+ | * {{K8s RBAC}} | ||
[[Category:Kubernetes]] | [[Category:Kubernetes]] |
Latest revision as of 08:56, 11 July 2024
eks: system:
kubectl create clusterrolebinding view-youruser --clusterrole=view --serviceaccount=youruser:default
EKS[edit]
admin, cluster-admin, edit, view
kubectl get clusterroles NAME CREATED AT admin 2022-06-22T14:31:15Z aws-node 2022-06-22T14:31:18Z cert-manager-cainjector 2022-06-30T08:30:31Z cert-manager-controller-certificates 2022-06-30T08:30:31Z cert-manager-controller-challenges 2022-06-30T08:30:31Z cert-manager-controller-clusterissuers 2022-06-30T08:30:31Z cert-manager-controller-ingress-shim 2022-06-30T08:30:31Z cert-manager-controller-issuers 2022-06-30T08:30:31Z cert-manager-controller-orders 2022-06-30T08:30:31Z cert-manager-edit 2022-06-30T08:30:31Z cert-manager-view 2022-06-30T08:30:31Z cluster-admin 2022-06-22T14:31:15Z edit 2022-06-22T14:31:15Z eks:addon-manager 2022-06-22T14:31:19Z eks:certificate-controller-approver 2022-06-22T14:31:15Z eks:cloud-provider-extraction-migration 2022-06-22T14:31:15Z eks:cluster-event-watcher 2022-06-22T14:31:15Z eks:fargate-manager 2022-06-22T14:31:19Z eks:fargate-scheduler 2022-06-22T14:31:15Z eks:k8s-metrics 2022-06-22T14:31:15Z eks:node-bootstrapper 2022-06-22T14:31:19Z eks:node-manager 2022-06-22T14:31:19Z eks:nodewatcher 2022-06-22T14:31:15Z eks:pod-identity-mutating-webhook 2022-06-22T14:31:15Z eks:podsecuritypolicy:privileged 2022-06-22T14:31:19Z nginx-ingress 2022-06-29T18:56:31Z system:aggregate-to-admin 2022-06-22T14:31:15Z system:aggregate-to-edit 2022-06-22T14:31:15Z system:aggregate-to-view 2022-06-22T14:31:15Z system:auth-delegator 2022-06-22T14:31:15Z system:basic-user 2022-06-22T14:31:15Z system:certificates.k8s.io:certificatesigningrequests:nodeclient 2022-06-22T14:31:15Z system:certificates.k8s.io:certificatesigningrequests:selfnodeclient 2022-06-22T14:31:15Z system:certificates.k8s.io:kube-apiserver-client-approver 2022-06-22T14:31:15Z system:certificates.k8s.io:kube-apiserver-client-kubelet-approver 2022-06-22T14:31:15Z system:certificates.k8s.io:kubelet-serving-approver 2022-06-22T14:31:15Z system:certificates.k8s.io:legacy-unknown-approver 2022-06-22T14:31:15Z system:controller:attachdetach-controller 2022-06-22T14:31:15Z system:controller:certificate-controller 2022-06-22T14:31:15Z system:controller:clusterrole-aggregation-controller 2022-06-22T14:31:15Z system:controller:cronjob-controller 2022-06-22T14:31:15Z system:controller:daemon-set-controller 2022-06-22T14:31:15Z system:controller:deployment-controller 2022-06-22T14:31:15Z system:controller:disruption-controller 2022-06-22T14:31:15Z system:controller:endpoint-controller 2022-06-22T14:31:15Z system:controller:endpointslice-controller 2022-06-22T14:31:15Z system:controller:endpointslicemirroring-controller 2022-06-22T14:31:15Z system:controller:ephemeral-volume-controller 2022-06-22T14:31:15Z system:controller:expand-controller 2022-06-22T14:31:15Z system:controller:generic-garbage-collector 2022-06-22T14:31:15Z system:controller:horizontal-pod-autoscaler 2022-06-22T14:31:15Z system:controller:job-controller 2022-06-22T14:31:15Z system:controller:namespace-controller 2022-06-22T14:31:15Z system:controller:node-controller 2022-06-22T14:31:15Z system:controller:persistent-volume-binder 2022-06-22T14:31:15Z system:controller:pod-garbage-collector 2022-06-22T14:31:15Z system:controller:pv-protection-controller 2022-06-22T14:31:15Z system:controller:pvc-protection-controller 2022-06-22T14:31:15Z system:controller:replicaset-controller 2022-06-22T14:31:15Z system:controller:replication-controller 2022-06-22T14:31:15Z system:controller:resourcequota-controller 2022-06-22T14:31:15Z system:controller:root-ca-cert-publisher 2022-06-22T14:31:15Z system:controller:route-controller 2022-06-22T14:31:15Z system:controller:service-account-controller 2022-06-22T14:31:15Z system:controller:service-controller 2022-06-22T14:31:15Z system:controller:statefulset-controller 2022-06-22T14:31:15Z system:controller:ttl-after-finished-controller 2022-06-22T14:31:15Z system:controller:ttl-controller 2022-06-22T14:31:15Z system:coredns 2022-06-22T14:31:19Z system:discovery 2022-06-22T14:31:15Z system:heapster 2022-06-22T14:31:15Z system:kube-aggregator 2022-06-22T14:31:15Z system:kube-controller-manager 2022-06-22T14:31:15Z system:kube-dns 2022-06-22T14:31:15Z system:kube-scheduler 2022-06-22T14:31:15Z system:kubelet-api-admin 2022-06-22T14:31:15Z system:monitoring 2022-06-22T14:31:15Z system:node 2022-06-22T14:31:15Z system:node-bootstrapper 2022-06-22T14:31:15Z system:node-problem-detector 2022-06-22T14:31:15Z system:node-proxier 2022-06-22T14:31:15Z system:persistent-volume-provisioner 2022-06-22T14:31:15Z system:public-info-viewer 2022-06-22T14:31:15Z system:service-account-issuer-discovery 2022-06-22T14:31:15Z system:volume-scheduler 2022-06-22T14:31:15Z view 2022-06-22T14:31:15Z vpc-resource-controller-role 2022-06-22T14:31:22Z
Related[edit]
kubectl get roles -A
kubectl get rolebindings -A
kubectl get clusterrolebindings
kind: ClusterRole
kubectl describe clusterroles
- K8s Cluster roles
aws-auth
See also[edit]
system:, system:masters, system:controller:, system:anonymous, system:serviceaccount:, system:serviceaccounts:, system:bootstrappers, system:node, system:nodes
,kubectl get clusterroles
kubectl describe roles
- Kubernetes roles,
kubectl get [ roles | clusterroles | clusterrolebindings ], kubectl create rolebinding
, K8s Cluster roles - Kubernetes RBAC
kubectl auth, kubectl auth can-i, kubectl auth reconcile
kubectl create [ role | clusterrole | clusterrolebinding
|rolebinding | serviceaccount ], groups:
, Kubernetes RBAC good practices,kube2iam
, K8s Cluster roles,rbac.authorization.k8s.io
,system:
Advertising: