May 2018
Intermediate to advanced
554 pages
13h 51m
English
Role in Kubernetes contains a set of rules. A rule defines a set of permissions for certain operations and resources by specifying apiGroups, resources, and verbs. For example, the following role defines a read-only rule for configmaps:
# cat role.yamlkind: RoleapiVersion: rbac.authorization.k8s.io/v1metadata: name: configmap-rorules: - apiGroups: ["*"] resources: ["configmaps"] verbs: ["watch", "get", "list"]
A RoleBinding is used to associate a role with a list of accounts. The following example shows we assign the configmap-ro role to a list of subjects. It only has the user linda in this case:
# cat rolebinding.yamlkind: RoleBindingapiVersion: rbac.authorization.k8s.io/v1metadata: name: devops-role-bindingsubjects: ...
Read now
Unlock full access