Difference between revisions of "Kind: ClusterRole"
Jump to navigation
Jump to search
Line 12: | Line 12: | ||
Ref: https://stackoverflow.com/a/53524535 | Ref: https://stackoverflow.com/a/53524535 | ||
+ | |||
+ | |||
+ | <pre> | ||
+ | apiVersion: rbac.authorization.k8s.io/v1 | ||
+ | kind: ClusterRole | ||
+ | metadata: | ||
+ | annotations: | ||
+ | rbac.authorization.kubernetes.io/autoupdate: "true" | ||
+ | name: view-aws | ||
+ | rules: | ||
+ | - apiGroups: | ||
+ | - '*' | ||
+ | resources: | ||
+ | - nodes | ||
+ | - namespaces | ||
+ | - pods | ||
+ | - events | ||
+ | verbs: | ||
+ | - get | ||
+ | - list | ||
+ | - apiGroups: | ||
+ | - apps | ||
+ | resources: | ||
+ | - deployments | ||
+ | - daemonsets | ||
+ | - statefulsets | ||
+ | - replicasets | ||
+ | verbs: | ||
+ | - get | ||
+ | - list | ||
+ | - apiGroups: | ||
+ | - batch | ||
+ | resources: | ||
+ | - jobs | ||
+ | verbs: | ||
+ | - get | ||
+ | - list | ||
+ | </pre> | ||
+ | |||
+ | |||
== [[K8s Cluster roles]] == | == [[K8s Cluster roles]] == |
Revision as of 17:44, 12 September 2023
kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: namespace: '*' name: pod-reader rules: - apiGroups: ["extensions", "apps", ""] resources: ["pods"] verbs: ["get", "list", "watch"] Ref: https://stackoverflow.com/a/53524535
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: rbac.authorization.kubernetes.io/autoupdate: "true" name: view-aws rules: - apiGroups: - '*' resources: - nodes - namespaces - pods - events verbs: - get - list - apiGroups: - apps resources: - deployments - daemonsets - statefulsets - replicasets verbs: - get - list - apiGroups: - batch resources: - jobs verbs: - get - list
K8s Cluster roles
Related
See also
- Kubernetes roles,
kubectl get [ roles | clusterroles | clusterrolebindings ], kubectl create rolebinding
, K8s Cluster roles - Kubernetes RBAC
kubectl auth, kubectl auth can-i, kubectl auth reconcile
kubectl create [ role | clusterrole | clusterrolebinding
|rolebinding | serviceaccount ], groups:
, Kubernetes RBAC good practices,kube2iam
, K8s Cluster roles,rbac.authorization.k8s.io
,system:
Advertising: