Difference between revisions of "Kubectl get clusterroles"
Jump to navigation
Jump to search
(6 intermediate revisions by the same user not shown) | |||
Line 3: | Line 3: | ||
+ | [[eks:]] | ||
+ | [[system:]] | ||
− | + | * <code>kubectl create clusterrolebinding view-youruser [[--clusterrole]]=[[view]] [[--serviceaccount]]=youruser:default</code> | |
== [[EKS]] == | == [[EKS]] == | ||
Line 105: | Line 107: | ||
* <code>[[kubectl get clusterrolebindings]]</code> | * <code>[[kubectl get clusterrolebindings]]</code> | ||
* <code>[[kind: ClusterRole]]</code> | * <code>[[kind: ClusterRole]]</code> | ||
− | * [[kubectl describe clusterroles]] | + | * <code>[[kubectl describe clusterroles]]</code> |
* [[K8s Cluster roles]] | * [[K8s Cluster roles]] | ||
− | * [[aws-auth]] | + | * <code>[[aws-auth]]</code> |
== See also == | == See also == |
Latest revision as of 08:56, 11 July 2024
eks: system:
kubectl create clusterrolebinding view-youruser --clusterrole=view --serviceaccount=youruser:default
EKS[edit]
admin, cluster-admin, edit, view
kubectl get clusterroles NAME CREATED AT admin 2022-06-22T14:31:15Z aws-node 2022-06-22T14:31:18Z cert-manager-cainjector 2022-06-30T08:30:31Z cert-manager-controller-certificates 2022-06-30T08:30:31Z cert-manager-controller-challenges 2022-06-30T08:30:31Z cert-manager-controller-clusterissuers 2022-06-30T08:30:31Z cert-manager-controller-ingress-shim 2022-06-30T08:30:31Z cert-manager-controller-issuers 2022-06-30T08:30:31Z cert-manager-controller-orders 2022-06-30T08:30:31Z cert-manager-edit 2022-06-30T08:30:31Z cert-manager-view 2022-06-30T08:30:31Z cluster-admin 2022-06-22T14:31:15Z edit 2022-06-22T14:31:15Z eks:addon-manager 2022-06-22T14:31:19Z eks:certificate-controller-approver 2022-06-22T14:31:15Z eks:cloud-provider-extraction-migration 2022-06-22T14:31:15Z eks:cluster-event-watcher 2022-06-22T14:31:15Z eks:fargate-manager 2022-06-22T14:31:19Z eks:fargate-scheduler 2022-06-22T14:31:15Z eks:k8s-metrics 2022-06-22T14:31:15Z eks:node-bootstrapper 2022-06-22T14:31:19Z eks:node-manager 2022-06-22T14:31:19Z eks:nodewatcher 2022-06-22T14:31:15Z eks:pod-identity-mutating-webhook 2022-06-22T14:31:15Z eks:podsecuritypolicy:privileged 2022-06-22T14:31:19Z nginx-ingress 2022-06-29T18:56:31Z system:aggregate-to-admin 2022-06-22T14:31:15Z system:aggregate-to-edit 2022-06-22T14:31:15Z system:aggregate-to-view 2022-06-22T14:31:15Z system:auth-delegator 2022-06-22T14:31:15Z system:basic-user 2022-06-22T14:31:15Z system:certificates.k8s.io:certificatesigningrequests:nodeclient 2022-06-22T14:31:15Z system:certificates.k8s.io:certificatesigningrequests:selfnodeclient 2022-06-22T14:31:15Z system:certificates.k8s.io:kube-apiserver-client-approver 2022-06-22T14:31:15Z system:certificates.k8s.io:kube-apiserver-client-kubelet-approver 2022-06-22T14:31:15Z system:certificates.k8s.io:kubelet-serving-approver 2022-06-22T14:31:15Z system:certificates.k8s.io:legacy-unknown-approver 2022-06-22T14:31:15Z system:controller:attachdetach-controller 2022-06-22T14:31:15Z system:controller:certificate-controller 2022-06-22T14:31:15Z system:controller:clusterrole-aggregation-controller 2022-06-22T14:31:15Z system:controller:cronjob-controller 2022-06-22T14:31:15Z system:controller:daemon-set-controller 2022-06-22T14:31:15Z system:controller:deployment-controller 2022-06-22T14:31:15Z system:controller:disruption-controller 2022-06-22T14:31:15Z system:controller:endpoint-controller 2022-06-22T14:31:15Z system:controller:endpointslice-controller 2022-06-22T14:31:15Z system:controller:endpointslicemirroring-controller 2022-06-22T14:31:15Z system:controller:ephemeral-volume-controller 2022-06-22T14:31:15Z system:controller:expand-controller 2022-06-22T14:31:15Z system:controller:generic-garbage-collector 2022-06-22T14:31:15Z system:controller:horizontal-pod-autoscaler 2022-06-22T14:31:15Z system:controller:job-controller 2022-06-22T14:31:15Z system:controller:namespace-controller 2022-06-22T14:31:15Z system:controller:node-controller 2022-06-22T14:31:15Z system:controller:persistent-volume-binder 2022-06-22T14:31:15Z system:controller:pod-garbage-collector 2022-06-22T14:31:15Z system:controller:pv-protection-controller 2022-06-22T14:31:15Z system:controller:pvc-protection-controller 2022-06-22T14:31:15Z system:controller:replicaset-controller 2022-06-22T14:31:15Z system:controller:replication-controller 2022-06-22T14:31:15Z system:controller:resourcequota-controller 2022-06-22T14:31:15Z system:controller:root-ca-cert-publisher 2022-06-22T14:31:15Z system:controller:route-controller 2022-06-22T14:31:15Z system:controller:service-account-controller 2022-06-22T14:31:15Z system:controller:service-controller 2022-06-22T14:31:15Z system:controller:statefulset-controller 2022-06-22T14:31:15Z system:controller:ttl-after-finished-controller 2022-06-22T14:31:15Z system:controller:ttl-controller 2022-06-22T14:31:15Z system:coredns 2022-06-22T14:31:19Z system:discovery 2022-06-22T14:31:15Z system:heapster 2022-06-22T14:31:15Z system:kube-aggregator 2022-06-22T14:31:15Z system:kube-controller-manager 2022-06-22T14:31:15Z system:kube-dns 2022-06-22T14:31:15Z system:kube-scheduler 2022-06-22T14:31:15Z system:kubelet-api-admin 2022-06-22T14:31:15Z system:monitoring 2022-06-22T14:31:15Z system:node 2022-06-22T14:31:15Z system:node-bootstrapper 2022-06-22T14:31:15Z system:node-problem-detector 2022-06-22T14:31:15Z system:node-proxier 2022-06-22T14:31:15Z system:persistent-volume-provisioner 2022-06-22T14:31:15Z system:public-info-viewer 2022-06-22T14:31:15Z system:service-account-issuer-discovery 2022-06-22T14:31:15Z system:volume-scheduler 2022-06-22T14:31:15Z view 2022-06-22T14:31:15Z vpc-resource-controller-role 2022-06-22T14:31:22Z
Related[edit]
kubectl get roles -A
kubectl get rolebindings -A
kubectl get clusterrolebindings
kind: ClusterRole
kubectl describe clusterroles
- K8s Cluster roles
aws-auth
See also[edit]
system:, system:masters, system:controller:, system:anonymous, system:serviceaccount:, system:serviceaccounts:, system:bootstrappers, system:node, system:nodes
,kubectl get clusterroles
kubectl describe roles
- Kubernetes roles,
kubectl get [ roles | clusterroles | clusterrolebindings ], kubectl create rolebinding
, K8s Cluster roles - Kubernetes RBAC
kubectl auth, kubectl auth can-i, kubectl auth reconcile
kubectl create [ role | clusterrole | clusterrolebinding
|rolebinding | serviceaccount ], groups:
, Kubernetes RBAC good practices,kube2iam
, K8s Cluster roles,rbac.authorization.k8s.io
,system:
Advertising: