Difference between revisions of "Cluster-read-only-role"
Jump to navigation
Jump to search
↑ https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1182188
(4 intermediate revisions by the same user not shown) | |||
Line 3: | Line 3: | ||
{{cluster-read-only-role}} | {{cluster-read-only-role}} | ||
+ | {{discovery-read-only-user}} | ||
− | + | [[aws-auth]] | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
[[eksctl create iamidentitymapping]] --cluster <ClusterName> --region=<region-code> --arn <ARN> --username <Username> --no-duplicate-arns | [[eksctl create iamidentitymapping]] --cluster <ClusterName> --region=<region-code> --arn <ARN> --username <Username> --no-duplicate-arns | ||
Line 23: | Line 11: | ||
* [[ServiceNow Kubernetes discovery]] | * [[ServiceNow Kubernetes discovery]] | ||
* [[TOI: EKS cluster discovery using STS AssumeRoles (Without AWS CLI)]] | * [[TOI: EKS cluster discovery using STS AssumeRoles (Without AWS CLI)]] | ||
− | * [[view]]: <code>[[kubectl describe | + | * [[view]]: <code>[[kubectl describe clusterrole view]]</code> |
== See also == | == See also == | ||
* {{K8s roles}} | * {{K8s roles}} | ||
+ | |||
+ | [[Category:K8s]] |
Latest revision as of 13:02, 31 October 2023
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: cluster-read-only-role [1] rules: - apiGroups: ["*"] resources: ["*"] verbs: ["get","watch","list"] - nonResourceURLs: - /metrics verbs: - get
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: cluster-read-only-role-binding subjects: - kind: User name: discovery-read-only-user apiGroup: rbac.authorization.k8s.io roleRef: kind: ClusterRole name: cluster-read-only-role apiGroup: rbac.authorization.k8s.io
aws-auth eksctl create iamidentitymapping --cluster <ClusterName> --region=<region-code> --arn <ARN> --username <Username> --no-duplicate-arns
Related[edit]
- ServiceNow Kubernetes discovery
- TOI: EKS cluster discovery using STS AssumeRoles (Without AWS CLI)
- view:
kubectl describe clusterrole view
See also[edit]
Advertising: