January 2019
Intermediate to advanced
484 pages
11h 48m
English
A Role in Kubernetes is bound within a namespace. A ClusterRole, on the other hand, is cluster-wide. The following is an example of Role, which can perform all operations, including get, watch, list, create, update, delete, and patch, on the deployments, replicasets, and pods resources:
// configuration file for a role named devops-role# cat 5-2_rbac/5-2_role.yaml kind: RoleapiVersion: rbac.authorization.k8s.io/v1metadata: namespace: chapter5 name: devops-rolerules:- apiGroups: ["", "extensions", "apps"] resources: - "deployments" - "replicasets" - "pods" verbs: ["*"]// create the role# kubectl create -f 5-2_rbac/5-2_role.yamlrole.rbac.authorization.k8s.io/devops-role created
Read now
Unlock full access