Difference between revisions of "Cluster-read-only-role"

From wikieduonline
Jump to navigation Jump to search
Line 10: Line 10:
 
  subjects:
 
  subjects:
 
   - [[kind: User]]
 
   - [[kind: User]]
     name: discovery-read-only-user
+
     name: [[discovery-read-only-user]]
 
     apiGroup: rbac.authorization.k8s.io
 
     apiGroup: rbac.authorization.k8s.io
 
  [[roleRef:]]
 
  [[roleRef:]]

Revision as of 12:29, 31 October 2023

 apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: cluster-read-only-role [1]
rules:
- apiGroups: ["*"]
  resources: ["*"]
  verbs: ["get","watch","list"]
- nonResourceURLs:
  - /metrics
  verbs:
  - get


apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: cluster-read-only-role-binding
subjects:
 - kind: User
   name: discovery-read-only-user
   apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: ClusterRole
  name: cluster-read-only-role 
  apiGroup: rbac.authorization.k8s.io


eksctl create iamidentitymapping --cluster <ClusterName> --region=<region-code> --arn <ARN> --username <Username> --no-duplicate-arns

Related

See also

  • https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1182188
  • Advertising: