system:

From wikieduonline
Revision as of 11:20, 20 December 2023 by Welcome (talk | contribs)
Jump to navigation Jump to search

system:
system:controller:
system:serviceaccount:
  • Referring to subjects [1]

The prefix system: is reserved for Kubernetes system use, so you should ensure that you don't have users or groups with names that start with system: by accident. Other than this special prefix, the RBAC authorization system does not require any format for usernames.


kubectl get clusterroles | grep system
system:bootstrappers
system:node
system:nodes
system:node-proxier
system:masters
system:anonymous
system:unauthenticated
system:serviceaccount
system:serviceaccounts
system:kube-scheduler
system:kube-dns
system:volume-scheduler
system:kube-controller-manager
system:basic-user
system:dyscover


eks:
kube-system                           system::leader-locking-kube-controller-manager   2022-07-06T13:16:03Z
kube-system                           system::leader-locking-kube-scheduler            2022-07-06T13:16:03Z


system:controller:

https://kubernetes.io/docs/reference/access-authn-authz/rbac/#controller-roles
system:controller:attachdetach-controller
system:controller:certificate-controller
system:controller:clusterrole-aggregation-controller
system:controller:cronjob-controller
system:controller:daemon-set-controller
system:controller:deployment-controller
system:controller:disruption-controller
system:controller:endpoint-controller
system:controller:expand-controller
system:controller:generic-garbage-collector
system:controller:horizontal-pod-autoscaler
system:controller:job-controller
system:controller:namespace-controller
system:controller:node-controller
system:controller:persistent-volume-binder
system:controller:pod-garbage-collector
system:controller:pv-protection-controller
system:controller:pvc-protection-controller
system:controller:replicaset-controller
system:controller:replication-controller
system:controller:resourcequota-controller
system:controller:root-ca-cert-publisher
system:controller:route-controller
system:controller:service-account-controller
system:controller:service-controller
system:controller:statefulset-controller
system:controller:ttl-controller

ClusterRole

Activities

Related

See also

  • https://kubernetes.io/docs/reference/access-authn-authz/rbac/#referring-to-subjects
  • Advertising: