Difference between revisions of "Cluster-read-only-role"

From wikieduonline
Jump to navigation Jump to search
 
(4 intermediate revisions by the same user not shown)
Line 3: Line 3:
 
  {{cluster-read-only-role}}
 
  {{cluster-read-only-role}}
  
 +
{{discovery-read-only-user}}
  
  apiVersion: rbac.authorization.k8s.io/v1
+
  [[aws-auth]]
kind: ClusterRoleBinding
 
metadata:
 
  name: cluster-read-only-role-binding
 
subjects:
 
  - [[kind: User]]
 
    name: discovery-read-only-user
 
    apiGroup: rbac.authorization.k8s.io
 
[[roleRef:]]
 
  [[kind: ClusterRole]]
 
  name: cluster-read-only-role
 
  apiGroup: rbac.authorization.k8s.io
 
 
 
 
 
 
  [[eksctl create iamidentitymapping]] --cluster <ClusterName> --region=<region-code> --arn <ARN> --username <Username> --no-duplicate-arns
 
  [[eksctl create iamidentitymapping]] --cluster <ClusterName> --region=<region-code> --arn <ARN> --username <Username> --no-duplicate-arns
  
Line 23: Line 11:
 
* [[ServiceNow Kubernetes discovery]]
 
* [[ServiceNow Kubernetes discovery]]
 
* [[TOI: EKS cluster discovery using STS AssumeRoles (Without AWS CLI)]]
 
* [[TOI: EKS cluster discovery using STS AssumeRoles (Without AWS CLI)]]
* [[view]]: <code>[[kubectl describe clusterpolicy view]]</code>
+
* [[view]]: <code>[[kubectl describe clusterrole view]]</code>
  
 
== See also ==
 
== See also ==
 
* {{K8s roles}}
 
* {{K8s roles}}
 +
 +
[[Category:K8s]]

Latest revision as of 13:02, 31 October 2023

 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: cluster-read-only-role [1]
rules:
- apiGroups: ["*"]
  resources: ["*"]
  verbs: ["get","watch","list"]
- nonResourceURLs:
  - /metrics
  verbs:
  - get
 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: cluster-read-only-role-binding
subjects:
 - kind: User
   name: discovery-read-only-user
   apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: ClusterRole
  name: cluster-read-only-role 
  apiGroup: rbac.authorization.k8s.io
aws-auth
eksctl create iamidentitymapping --cluster <ClusterName> --region=<region-code> --arn <ARN> --username <Username> --no-duplicate-arns

Related[edit]

See also[edit]

  • https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1182188
  • Advertising: