Difference between revisions of "Kubernetes RBAC"
Jump to navigation
Jump to search
↑ https://www.mirantis.com/blog/whats-new-kubernetes-1-6-focus-stability/
(→Roles) |
|||
(4 intermediate revisions by the same user not shown) | |||
Line 13: | Line 13: | ||
* <code>[[kubectl auth can-i]]</code> | * <code>[[kubectl auth can-i]]</code> | ||
− | == | + | == [[K8s Cluster roles]] == |
https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles | https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles | ||
− | + | {{K8s roles TOC}} | |
− | |||
− | |||
− | |||
Review https://medium.com/codex/how-to-provide-access-to-aws-eks-for-sso-users-via-aws-sso-to-view-and-manage-the-cluster-17e2acfd6a35 for screenshoots of AWS EKS console depending of different roles. | Review https://medium.com/codex/how-to-provide-access-to-aws-eks-for-sso-users-via-aws-sso-to-view-and-manage-the-cluster-17e2acfd6a35 for screenshoots of AWS EKS console depending of different roles. | ||
− | Related: <code>[[groups:]]</code> | + | Related: <code>[[groups:]]</code>, <code>[[kubectl get clusterroles]]</code> |
== Related terms == | == Related terms == | ||
+ | * [[cluster-read-only-role]] | ||
* [[Kubernetes tokens]] | * [[Kubernetes tokens]] | ||
* [[Attribute-based access control (ABAC)]] | * [[Attribute-based access control (ABAC)]] | ||
Line 31: | Line 29: | ||
* [[AWS Controllers for Kubernetes (ACK)]] | * [[AWS Controllers for Kubernetes (ACK)]] | ||
* [[Amazon EKS authorization]] | * [[Amazon EKS authorization]] | ||
+ | * [[Amazon EKS cluster endpoint (API server) access control]] | ||
== Activities == | == Activities == |
Latest revision as of 10:59, 10 July 2024
Kubernetes RBAC uses the rbac.authorization.k8s.io
API Group, GA since Kubernetes 1.8 (Sep 2017)
https://kubernetes.io/docs/reference/access-authn-authz/rbac/
Commands[edit]
kubectl create role
kubectl create clusterrole
kubectl create rolebinding
kubectl create clusterrolebinding
K8s Cluster roles[edit]
https://kubernetes.io/docs/reference/access-authn-authz/rbac/#user-facing-roles
Review https://medium.com/codex/how-to-provide-access-to-aws-eks-for-sso-users-via-aws-sso-to-view-and-manage-the-cluster-17e2acfd6a35 for screenshoots of AWS EKS console depending of different roles.
Related: groups:
, kubectl get clusterroles
Related terms[edit]
- cluster-read-only-role
- Kubernetes tokens
- Attribute-based access control (ABAC)
- Kubernetes service account:
kubectl create serviceaccount
- CKA 1.23: Manage role based access control (RBAC)
- AWS Controllers for Kubernetes (ACK)
- Amazon EKS authorization
- Amazon EKS cluster endpoint (API server) access control
Activities[edit]
- Learn the differences between
Role
andClusterRole
: https://kubernetes.io/docs/reference/access-authn-authz/rbac/#role-and-clusterrole
News[edit]
- March 2017 Kubernetes 1.6 [1]
See also[edit]
- Kubernetes roles,
kubectl get [ roles | clusterroles | clusterrolebindings ], kubectl create rolebinding
, K8s Cluster roles kubectl auth [ can-i | reconcile ]
- Kubernetes RBAC
kubectl auth, kubectl auth can-i, kubectl auth reconcile
kubectl create [ role | clusterrole | clusterrolebinding
|rolebinding | serviceaccount ], groups:
, Kubernetes RBAC good practices,kube2iam
, K8s Cluster roles,rbac.authorization.k8s.io
,system:
Advertising: