Difference between revisions of "Cluster-read-only-role"
Jump to navigation
Jump to search
↑ https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1182188
(One intermediate revision by the same user not shown) | |||
Line 5: | Line 5: | ||
{{discovery-read-only-user}} | {{discovery-read-only-user}} | ||
− | + | [[aws-auth]] | |
[[eksctl create iamidentitymapping]] --cluster <ClusterName> --region=<region-code> --arn <ARN> --username <Username> --no-duplicate-arns | [[eksctl create iamidentitymapping]] --cluster <ClusterName> --region=<region-code> --arn <ARN> --username <Username> --no-duplicate-arns | ||
Line 15: | Line 15: | ||
== See also == | == See also == | ||
* {{K8s roles}} | * {{K8s roles}} | ||
+ | |||
+ | [[Category:K8s]] |
Latest revision as of 13:02, 31 October 2023
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: cluster-read-only-role [1] rules: - apiGroups: ["*"] resources: ["*"] verbs: ["get","watch","list"] - nonResourceURLs: - /metrics verbs: - get
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: cluster-read-only-role-binding subjects: - kind: User name: discovery-read-only-user apiGroup: rbac.authorization.k8s.io roleRef: kind: ClusterRole name: cluster-read-only-role apiGroup: rbac.authorization.k8s.io
aws-auth eksctl create iamidentitymapping --cluster <ClusterName> --region=<region-code> --arn <ARN> --username <Username> --no-duplicate-arns
Related[edit]
- ServiceNow Kubernetes discovery
- TOI: EKS cluster discovery using STS AssumeRoles (Without AWS CLI)
- view:
kubectl describe clusterrole view
See also[edit]
Advertising: