Difference between revisions of "Kind: ClusterRole"
Jump to navigation
Jump to search
| Line 14: | Line 14: | ||
| − | + | ||
| − | apiVersion: rbac.authorization.k8s.io/v1 | + | apiVersion: [[rbac.authorization.k8s.io]]/v1 |
| − | kind: ClusterRole | + | kind: ClusterRole |
| − | metadata: | + | metadata: |
| − | + | annotations: | |
| − | + | [[rbac.authorization.kubernetes.io]]/autoupdate: "true" | |
| − | + | name: view-aws | |
| − | rules: | + | rules: |
| − | - apiGroups: | + | - apiGroups: |
| − | + | - '*' | |
| − | + | resources: | |
| − | + | - nodes | |
| − | + | - namespaces | |
| − | + | - pods | |
| − | + | - events | |
| − | + | verbs: | |
| − | + | - get | |
| − | + | - list | |
| − | - apiGroups: | + | - apiGroups: |
| − | + | - apps | |
| − | + | resources: | |
| − | + | - deployments | |
| − | + | - daemonsets | |
| − | + | - statefulsets | |
| − | + | - replicasets | |
| − | + | verbs: | |
| − | + | - get | |
| − | + | - list | |
| − | - apiGroups: | + | - apiGroups: |
- batch | - batch | ||
| − | + | resources: | |
| − | + | - jobs | |
| − | + | verbs: | |
| − | + | - get | |
| − | + | - list | |
| − | |||
* https://medium.com/codex/how-to-provide-access-to-aws-eks-for-sso-users-via-aws-sso-to-view-and-manage-the-cluster-17e2acfd6a35 | * https://medium.com/codex/how-to-provide-access-to-aws-eks-for-sso-users-via-aws-sso-to-view-and-manage-the-cluster-17e2acfd6a35 | ||
Revision as of 12:04, 31 October 2023
kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: namespace: '*' name: pod-reader rules: - apiGroups: ["extensions", "apps", ""] resources: ["pods"] verbs: ["get", "list", "watch"] Ref: https://stackoverflow.com/a/53524535
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: rbac.authorization.kubernetes.io/autoupdate: "true" name: view-aws rules: - apiGroups: - '*' resources: - nodes - namespaces - pods - events verbs: - get - list - apiGroups: - apps resources: - deployments - daemonsets - statefulsets - replicasets verbs: - get - list - apiGroups: - batch resources: - jobs verbs: - get - list
K8s Cluster roles
Related
groups:kubectl get roles -Akubectl create clusterrolekubectl describe clusterrolekind: Rolekind: Clusterkind: ClusterConfigaws-auth configMap
See also
- Kubernetes roles,
kubectl get [ roles | clusterroles | clusterrolebindings ], kubectl create rolebinding, K8s Cluster roles - Kubernetes RBAC
kubectl auth, kubectl auth can-i, kubectl auth reconcilekubectl create [ role | clusterrole | clusterrolebinding|rolebinding | serviceaccount ], groups:, Kubernetes RBAC good practices,kube2iam, K8s Cluster roles,rbac.authorization.k8s.io,system:
Advertising:
