kubectl describe clusterrolebindings
Jump to navigation
Jump to search
Name: aws-node
Labels: app.kubernetes.io/instance=aws-vpc-cni
app.kubernetes.io/name=aws-node
app.kubernetes.io/version=v1.12.6
k8s-app=aws-node
Annotations: <none>
Role:
Kind: ClusterRole
Name: aws-node
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount aws-node kube-system
Name: cluster-admin
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: cluster-admin
Subjects:
Kind Name Namespace
---- ---- ---------
Group system:masters
Name: cluster-read-only-role-binding
Labels: <none>
Annotations: <none>
Role:
Kind: ClusterRole
Name: cluster-read-only-role
Subjects:
Kind Name Namespace
---- ---- ---------
User discovery-read-only-user
Name: ebs-csi-attacher-binding
Labels: app.kubernetes.io/component=csi-driver
app.kubernetes.io/managed-by=EKS
app.kubernetes.io/name=aws-ebs-csi-driver
app.kubernetes.io/version=1.20.0
Annotations: <none>
Role:
Kind: ClusterRole
Name: ebs-external-attacher-role
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount ebs-csi-controller-sa kube-system
Name: ebs-csi-node-getter-binding
Labels: app.kubernetes.io/component=csi-driver
app.kubernetes.io/managed-by=EKS
app.kubernetes.io/name=aws-ebs-csi-driver
app.kubernetes.io/version=1.20.0
Annotations: <none>
Role:
Kind: ClusterRole
Name: ebs-csi-node-role
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount ebs-csi-node-sa kube-system
Name: ebs-csi-provisioner-binding
Labels: app.kubernetes.io/component=csi-driver
app.kubernetes.io/managed-by=EKS
app.kubernetes.io/name=aws-ebs-csi-driver
app.kubernetes.io/version=1.20.0
Annotations: <none>
Role:
Kind: ClusterRole
Name: ebs-external-provisioner-role
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount ebs-csi-controller-sa kube-system
Name: ebs-csi-resizer-binding
Labels: app.kubernetes.io/component=csi-driver
app.kubernetes.io/managed-by=EKS
app.kubernetes.io/name=aws-ebs-csi-driver
app.kubernetes.io/version=1.20.0
Annotations: <none>
Role:
Kind: ClusterRole
Name: ebs-external-resizer-role
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount ebs-csi-controller-sa kube-system
Name: ebs-csi-snapshotter-binding
Labels: app.kubernetes.io/component=csi-driver
app.kubernetes.io/managed-by=EKS
app.kubernetes.io/name=aws-ebs-csi-driver
app.kubernetes.io/version=1.20.0
Annotations: <none>
Role:
Kind: ClusterRole
Name: ebs-external-snapshotter-role
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount ebs-csi-controller-sa kube-system
Name: eks:addon-cluster-admin
Labels: <none>
Annotations: <none>
Role:
Kind: ClusterRole
Name: cluster-admin
Subjects:
Kind Name Namespace
---- ---- ---------
User eks:addon-manager
Name: eks:addon-manager
Labels: <none>
Annotations: <none>
Role:
Kind: ClusterRole
Name: eks:addon-manager
Subjects:
Kind Name Namespace
---- ---- ---------
User eks:addon-manager
Name: eks:az-poller
Labels: <none>
Annotations: <none>
Role:
Kind: ClusterRole
Name: eks:az-poller
Subjects:
Kind Name Namespace
---- ---- ---------
User eks:az-poller
Name: eks:certificate-controller
Labels: <none>
Annotations: <none>
Role:
Kind: ClusterRole
Name: system:controller:certificate-controller
Subjects:
Kind Name Namespace
---- ---- ---------
User eks:certificate-controller
Name: eks:certificate-controller-approver
Labels: <none>
Annotations: <none>
Role:
Kind: ClusterRole
Name: eks:certificate-controller-approver
Subjects:
Kind Name Namespace
---- ---- ---------
User eks:certificate-controller
Name: eks:certificate-controller-signer
Labels: <none>
Annotations: <none>
Role:
Kind: ClusterRole
Name: eks:certificate-controller-signer
Subjects:
Kind Name Namespace
---- ---- ---------
User eks:certificate-controller
Name: eks:cloud-controller-manager
Labels: <none>
Annotations: <none>
Role:
Kind: ClusterRole
Name: eks:cloud-controller-manager
Subjects:
Kind Name Namespace
---- ---- ---------
User eks:cloud-controller-manager
Name: eks:cloud-provider-extraction-migration
Labels: <none>
Annotations: <none>
Role:
Kind: ClusterRole
Name: eks:cloud-provider-extraction-migration
Subjects:
Kind Name Namespace
---- ---- ---------
User system:kube-controller-manager
Name: eks:cloudwatch-agent-role-binding
Labels: <none>
Annotations: <none>
Role:
Kind: ClusterRole
Name: eks:cloudwatch-agent-role
Subjects:
Kind Name Namespace
---- ---- ---------
User eks:cloudwatch-agent
Name: eks:cluster-event-watcher
Labels: <none>
Annotations: <none>
Role:
Kind: ClusterRole
Name: eks:cluster-event-watcher
Subjects:
Kind Name Namespace
---- ---- ---------
User eks:cluster-event-watcher
Name: eks:fargate-manager
Labels: <none>
Annotations: <none>
Role:
Kind: ClusterRole
Name: eks:fargate-manager
Subjects:
Kind Name Namespace
---- ---- ---------
User eks:fargate-manager
Name: eks:fargate-scheduler
Labels: <none>
Annotations: <none>
Role:
Kind: ClusterRole
Name: eks:fargate-scheduler
Subjects:
Kind Name Namespace
---- ---- ---------
User eks:fargate-scheduler
Name: eks:k8s-metrics
Labels: <none>
Annotations: <none>
Role:
Kind: ClusterRole
Name: eks:k8s-metrics
Subjects:
Kind Name Namespace
---- ---- ---------
User eks:k8s-metrics
Name: eks:kube-proxy
Labels: eks.amazonaws.com/component=kube-proxy
k8s-app=kube-proxy
Annotations: <none>
Role:
Kind: ClusterRole
Name: system:node-proxier
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount kube-proxy kube-system
Name: eks:kube-proxy-fargate
Labels: <none>
Annotations: <none>
Role:
Kind: ClusterRole
Name: system:node-proxier
Subjects:
Kind Name Namespace
---- ---- ---------
Group system:node-proxier
Name: eks:kube-proxy-windows
Labels: eks.amazonaws.com/component=kube-proxy
k8s-app=kube-proxy
Annotations: <none>
Role:
Kind: ClusterRole
Name: system:node-proxier
Subjects:
Kind Name Namespace
---- ---- ---------
Group eks:kube-proxy-windows
Name: eks:network-policy-controller
Labels: app.kubernetes.io/component=rbac
app.kubernetes.io/created-by=amazon-network-policy-controller-k8s
app.kubernetes.io/instance=manager-rolebinding
app.kubernetes.io/name=amazon-network-policy-controller-k8s
app.kubernetes.io/part-of=amazon-network-policy-controller-k8s
Annotations: <none>
Role:
Kind: ClusterRole
Name: eks:network-policy-controller
Subjects:
Kind Name Namespace
---- ---- ---------
User eks:network-policy-controller
Name: eks:node-bootstrapper
Labels: eks.amazonaws.com/component=node
Annotations: <none>
Role:
Kind: ClusterRole
Name: eks:node-bootstrapper
Subjects:
Kind Name Namespace
---- ---- ---------
Group system:bootstrappers
Group system:nodes
Name: eks:node-manager
Labels: <none>
Annotations: <none>
Role:
Kind: ClusterRole
Name: eks:node-manager
Subjects:
Kind Name Namespace
---- ---- ---------
User eks:node-manager
Name: eks:nodewatcher
Labels: <none>
Annotations: <none>
Role:
Kind: ClusterRole
Name: eks:nodewatcher
Subjects:
Kind Name Namespace
---- ---- ---------
User eks:nodewatcher
Name: eks:pod-identity-mutating-webhook
Labels: <none>
Annotations: <none>
Role:
Kind: ClusterRole
Name: eks:pod-identity-mutating-webhook
Subjects:
Kind Name Namespace
---- ---- ---------
User eks:pod-identity-mutating-webhook
Name: eks:service-operations
Labels: <none>
Annotations: <none>
Role:
Kind: ClusterRole
Name: eks:service-operations
Subjects:
Kind Name Namespace
---- ---- ---------
Group eks:service-operations
Name: eks:tagging-controller
Labels: <none>
Annotations: <none>
Role:
Kind: ClusterRole
Name: eks:tagging-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount tagging-controller kube-system
Name: system:basic-user
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:basic-user
Subjects:
Kind Name Namespace
---- ---- ---------
Group system:authenticated
Name: system:controller:attachdetach-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:attachdetach-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount attachdetach-controller kube-system
Name: system:controller:certificate-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:certificate-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount certificate-controller kube-system
Name: system:controller:clusterrole-aggregation-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:clusterrole-aggregation-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount clusterrole-aggregation-controller kube-system
Name: system:controller:cronjob-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:cronjob-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount cronjob-controller kube-system
Name: system:controller:daemon-set-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:daemon-set-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount daemon-set-controller kube-system
Name: system:controller:deployment-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:deployment-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount deployment-controller kube-system
Name: system:controller:disruption-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:disruption-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount disruption-controller kube-system
Name: system:controller:endpoint-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:endpoint-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount endpoint-controller kube-system
Name: system:controller:endpointslice-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:endpointslice-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount endpointslice-controller kube-system
Name: system:controller:endpointslicemirroring-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:endpointslicemirroring-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount endpointslicemirroring-controller kube-system
Name: system:controller:ephemeral-volume-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:ephemeral-volume-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount ephemeral-volume-controller kube-system
Name: system:controller:expand-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:expand-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount expand-controller kube-system
Name: system:controller:generic-garbage-collector
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:generic-garbage-collector
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount generic-garbage-collector kube-system
Name: system:controller:horizontal-pod-autoscaler
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:horizontal-pod-autoscaler
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount horizontal-pod-autoscaler kube-system
Name: system:controller:job-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:job-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount job-controller kube-system
Name: system:controller:namespace-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:namespace-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount namespace-controller kube-system
Name: system:controller:node-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:node-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount node-controller kube-system
Name: system:controller:persistent-volume-binder
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:persistent-volume-binder
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount persistent-volume-binder kube-system
Name: system:controller:pod-garbage-collector
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:pod-garbage-collector
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount pod-garbage-collector kube-system
Name: system:controller:pv-protection-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:pv-protection-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount pv-protection-controller kube-system
Name: system:controller:pvc-protection-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:pvc-protection-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount pvc-protection-controller kube-system
Name: system:controller:replicaset-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:replicaset-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount replicaset-controller kube-system
Name: system:controller:replication-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:replication-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount replication-controller kube-system
Name: system:controller:resourcequota-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:resourcequota-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount resourcequota-controller kube-system
Name: system:controller:root-ca-cert-publisher
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:root-ca-cert-publisher
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount root-ca-cert-publisher kube-system
Name: system:controller:route-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:route-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount route-controller kube-system
Name: system:controller:service-account-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:service-account-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount service-account-controller kube-system
Name: system:controller:service-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:service-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount service-controller kube-system
Name: system:controller:statefulset-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:statefulset-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount statefulset-controller kube-system
Name: system:controller:ttl-after-finished-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:ttl-after-finished-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount ttl-after-finished-controller kube-system
Name: system:controller:ttl-controller
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:controller:ttl-controller
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount ttl-controller kube-system
Name: system:coredns
Labels: eks.amazonaws.com/component=coredns
k8s-app=kube-dns
kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:coredns
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount coredns kube-system
Name: system:discovery
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:discovery
Subjects:
Kind Name Namespace
---- ---- ---------
Group system:authenticated
Name: system:kube-controller-manager
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:kube-controller-manager
Subjects:
Kind Name Namespace
---- ---- ---------
User system:kube-controller-manager
Name: system:kube-dns
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:kube-dns
Subjects:
Kind Name Namespace
---- ---- ---------
ServiceAccount kube-dns kube-system
Name: system:kube-scheduler
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:kube-scheduler
Subjects:
Kind Name Namespace
---- ---- ---------
User system:kube-scheduler
Name: system:monitoring
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:monitoring
Subjects:
Kind Name Namespace
---- ---- ---------
Group system:monitoring
Name: system:node
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:node
Subjects:
Kind Name Namespace
---- ---- ---------
Name: system:node-proxier
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:node-proxier
Subjects:
Kind Name Namespace
---- ---- ---------
User system:kube-proxy
Name: system:public-info-viewer
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:public-info-viewer
Subjects:
Kind Name Namespace
---- ---- ---------
Group system:authenticated
Group system:unauthenticated
Name: system:service-account-issuer-discovery
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:service-account-issuer-discovery
Subjects:
Kind Name Namespace
---- ---- ---------
Group system:serviceaccounts
Name: system:volume-scheduler
Labels: kubernetes.io/bootstrapping=rbac-defaults
Annotations: rbac.authorization.kubernetes.io/autoupdate: true
Role:
Kind: ClusterRole
Name: system:volume-scheduler
Subjects:
Kind Name Namespace
---- ---- ---------
User system:kube-scheduler
Name: vpc-resource-controller-rolebinding
Labels: <none>
Annotations: <none>
Role:
Kind: ClusterRole
Name: vpc-resource-controller-role
Subjects:
Kind Name Namespace
---- ---- ---------
User eks:vpc-resource-controller
ServiceAccount eks-vpc-resource-controller kube-system
See also[edit]
- ClusterRoleBinding,
kubectl describe clusterrolebindings - K8s Cluster roles:
cluster-admin, admin, edit, view,cluster-read-only-role - Kubernetes RBAC
kubectl auth, kubectl auth can-i, kubectl auth reconcilekubectl create [ role | clusterrole | clusterrolebinding|rolebinding | serviceaccount ], groups:, Kubernetes RBAC good practices,kube2iam, K8s Cluster roles,rbac.authorization.k8s.io,system:
Advertising:
