Kubernetes RBAC Role Examples

From UVOO Tech Wiki
Jump to navigation Jump to search

https://stackoverflow.com/questions/48118125/kubernetes-rbac-role-verbs-to-exec-to-pod

To allow a subject to read both pods and pod logs, and be able to exec into the pod, you would write: 

kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  namespace: default
  name: pod-and-pod-logs-reader
rules:
- apiGroups: [""]
  resources: ["pods", "pods/log"]
  verbs: ["get", "list"]
- apiGroups: [""]
  resources: ["pods/exec"]
  verbs: ["create"]
Retrieved from "https://tech.uvoo.io/index.php?title=Kubernetes_RBAC_Role_Examples&oldid=2181"