kind: ClusterRole
Jump to navigation
Jump to search
↑ https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1182188
kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: namespace: '*' name: pod-reader rules: - apiGroups: ["extensions", "apps", ""] resources: ["pods"] verbs: ["get", "list", "watch"] Ref: https://stackoverflow.com/a/53524535
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: cluster-read-only-role [1] rules: - apiGroups: ["*"] resources: ["*"] verbs: ["get","watch","list"] - nonResourceURLs: - /metrics verbs: - get
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: annotations: rbac.authorization.kubernetes.io/autoupdate: "true" name: view-aws rules: - apiGroups: - '*' resources: - nodes - namespaces - pods - events verbs: - get - list - apiGroups: - apps resources: - deployments - daemonsets - statefulsets - replicasets verbs: - get - list - apiGroups: - batch resources: - jobs verbs: - get - list
K8s Cluster roles[edit]
Related[edit]
groups:
kubectl get roles -A
kubectl create clusterrole
kubectl describe clusterrole
kind: Role
kind: Cluster
kind: ClusterConfig
aws-auth configMap
- Terraform resource: kubernetes_cluster_role
See also[edit]
- Kubernetes roles,
kubectl get [ roles | clusterroles | clusterrolebindings ], kubectl create rolebinding
, K8s Cluster roles - Kubernetes RBAC
kubectl auth, kubectl auth can-i, kubectl auth reconcile
kubectl create [ role | clusterrole | clusterrolebinding
|rolebinding | serviceaccount ], groups:
, Kubernetes RBAC good practices,kube2iam
, K8s Cluster roles,rbac.authorization.k8s.io
,system:
Advertising: