Difference between revisions of "Cluster-read-only-role"

Latest revision as of 13:02, 31 October 2023

 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: cluster-read-only-role ^[1]
rules:
- apiGroups: ["*"]
  resources: ["*"]
  verbs: ["get","watch","list"]
- nonResourceURLs:
  - /metrics
  verbs:
  - get

 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: cluster-read-only-role-binding
subjects:
 - kind: User
   name: discovery-read-only-user
   apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: ClusterRole
  name: cluster-read-only-role 
  apiGroup: rbac.authorization.k8s.io

aws-auth
eksctl create iamidentitymapping --cluster <ClusterName> --region=<region-code> --arn <ARN> --username <Username> --no-duplicate-arns

@@ Line 3: / Line 3: @@
   {{cluster-read-only-role}}
+ {{discovery-read-only-user}}
-  apiVersion: rbac.authorization.k8s.io/v1
+  [[aws-auth]]
- kind: ClusterRoleBinding
- metadata:
-   name: cluster-read-only-role-binding
- subjects:
-  - [[kind: User]]
-    name: discovery-read-only-user
-    apiGroup: rbac.authorization.k8s.io
- [[roleRef:]]
-   [[kind: ClusterRole]]
-   name: cluster-read-only-role
-   apiGroup: rbac.authorization.k8s.io
   [[eksctl create iamidentitymapping]] --cluster <ClusterName> --region=<region-code> --arn <ARN> --username <Username> --no-duplicate-arns
@@ Line 23: / Line 11: @@
 * [[ServiceNow Kubernetes discovery]]
 * [[TOI: EKS cluster discovery using STS AssumeRoles (Without AWS CLI)]]
-* [[view]]: <code>[[kubectl describe clusterpolicy view]]</code>
+* [[view]]: <code>[[kubectl describe clusterrole view]]</code>
 == See also ==
 * {{K8s roles}}
+[[Category:K8s]]

Difference between revisions of "Cluster-read-only-role"

Latest revision as of 13:02, 31 October 2023

Related[edit]

See also[edit]

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Tools