Difference between revisions of "Kubernetes RBAC Role Examples"
Jump to navigation
Jump to search
(Created page with "https://stackoverflow.com/questions/48118125/kubernetes-rbac-role-verbs-to-exec-to-pod To allow a subject to read both pods and pod logs, and be able to exec into the pod, yo...") |
(No difference)
|
Latest revision as of 23:20, 26 August 2021
https://stackoverflow.com/questions/48118125/kubernetes-rbac-role-verbs-to-exec-to-pod
To allow a subject to read both pods and pod logs, and be able to exec into the pod, you would write:
kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: namespace: default name: pod-and-pod-logs-reader rules: - apiGroups: [""] resources: ["pods", "pods/log"] verbs: ["get", "list"] - apiGroups: [""] resources: ["pods/exec"] verbs: ["create"]