Difference between revisions of "Kind: ClusterRoleBinding"

From wikieduonline
Jump to navigation Jump to search
 
(9 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
{{lc}}
 
{{lc}}
 
 
 
  apiVersion: rbac.authorization.k8s.io/v1
 
  apiVersion: rbac.authorization.k8s.io/v1
 
  # This cluster role binding allows anyone in the "manager" group to read secrets in any namespace.
 
  # This cluster role binding allows anyone in the "manager" group to read secrets in any namespace.
Line 8: Line 6:
 
   name: read-secrets-global
 
   name: read-secrets-global
 
  subjects:
 
  subjects:
  - kind: Group
+
  - [[kind: Group]]
 
   name: manager # Name is case sensitive
 
   name: manager # Name is case sensitive
 
   apiGroup: rbac.authorization.k8s.io
 
   apiGroup: rbac.authorization.k8s.io
 
  [[roleRef:]]
 
  [[roleRef:]]
   kind: ClusterRole
+
   [[kind: ClusterRole]]
 
   name: secret-reader
 
   name: secret-reader
   apiGroup: rbac.authorization.k8s.io
+
   apiGroup: [[rbac.authorization.k8s.io]]
 +
 
 +
https://kubernetes.io/docs/reference/access-authn-authz/rbac/#clusterrolebinding-example
 +
 
 +
 
 +
{{discovery-read-only-user}}
  
  
Line 22: Line 25:
 
== Related ==
 
== Related ==
 
* [[K8s Cluster roles]]
 
* [[K8s Cluster roles]]
 +
* <code>[[cluster-read-only-role]]</code>
 +
* <code>[[kubectl describe clusterrolebindings]]</code>
 +
* [[Terraform resource: kubernetes cluster role binding]]
  
 
== See also ==
 
== See also ==
 +
* {{ClusterRoleBinding}}
 +
* {{K8s roles}}
 
* {{Kubernetes RBAC}}
 
* {{Kubernetes RBAC}}
  
 
[[Category:Kubernetes]]
 
[[Category:Kubernetes]]

Latest revision as of 10:08, 2 November 2023

apiVersion: rbac.authorization.k8s.io/v1
# This cluster role binding allows anyone in the "manager" group to read secrets in any namespace.
kind: ClusterRoleBinding
metadata:
  name: read-secrets-global
subjects:
- kind: Group
  name: manager # Name is case sensitive
  apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: ClusterRole
  name: secret-reader
  apiGroup: rbac.authorization.k8s.io
https://kubernetes.io/docs/reference/access-authn-authz/rbac/#clusterrolebinding-example


 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: cluster-read-only-role-binding
subjects:
 - kind: User
   name: discovery-read-only-user
   apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: ClusterRole
  name: cluster-read-only-role 
  apiGroup: rbac.authorization.k8s.io


roleRef
RoleBinding

Related[edit]

See also[edit]

Advertising: