CKA Quick Check Points -- RBAC
Cheedge Lee

Cheedge Lee @cheedge_lee

Location:
München
Joined:
Oct 16, 2024

CKA Quick Check Points -- RBAC

Publish Date: Jan 10
0 0

This is a quick recap for RBAC, more details can check the official doc or click the tiltle links.

ServiceAccount (sa)

1. Yaml File

2. CMD

kubectl create serviceaccount NAME -n NAMESPACE
Enter fullscreen mode Exit fullscreen mode

Role/Clusterrole

1. Yaml File

2. CMD

kubectl create [role|clusterrole] NAME --verb=verb --resource=resource.group/subresource [--resource-name=resourcename]
Enter fullscreen mode Exit fullscreen mode

Rolebinding/Clusterrolebinding

1. Yaml File

2. CMD

kubectl create rolebinding NAME --clusterrole=NAME|--role=NAME [--user=username] [--group=groupname]
[--serviceaccount=namespace:serviceaccountname]
kubectl create clusterrolebinding NAME --clusterrole=NAME [--user=username] [--group=groupname]
[--serviceaccount=namespace:serviceaccountname]
Enter fullscreen mode Exit fullscreen mode

Usage & Quick Verify

1. Usage

Pod yaml file add spec.serviceAccountName

2. Quick Verify

kubectl auth can-i VERB RESOURCE --as=[USER|SA] -n NAMESPACE
Enter fullscreen mode Exit fullscreen mode

more verifications can check details.

Comments 0 total

    Add comment