Kubectl auth: Difference between revisions
Jump to navigation
Jump to search
(Created page with "=Internal= * kubectl =Overview= <code>kubectl auth</code> inspects authorization. It can check whether an action is allowed with: <syntaxhighlight lan...") |
No edit summary |
||
| Line 8: | Line 8: | ||
It can check whether an action is allowed with: | It can check whether an action is allowed with: | ||
<syntaxhighlight lang='bash'> | <syntaxhighlight lang='bash'> | ||
kubectl auth can-i <verb> <type> <name> | kubectl auth can-i <verb> [<type>|<type>/<name>|<non-resource-url> | ||
</syntaxhighlight> | </syntaxhighlight> | ||
The verb is a logical Kubernetes API verb: "get", "list", "watch", "delete", etc. Type is a kubernetes resource. The name is the name of a particular resource. | |||
It could also reconcile rules for RBAC Role, RoleBinding, ClusterRole, and ClusterRole binding objects. | It could also reconcile rules for RBAC Role, RoleBinding, ClusterRole, and ClusterRole binding objects. | ||
Revision as of 06:14, 3 September 2020
Internal
Overview
kubectl auth inspects authorization.
It can check whether an action is allowed with:
kubectl auth can-i <verb> [<type>|<type>/<name>|<non-resource-url>
The verb is a logical Kubernetes API verb: "get", "list", "watch", "delete", etc. Type is a kubernetes resource. The name is the name of a particular resource.
It could also reconcile rules for RBAC Role, RoleBinding, ClusterRole, and ClusterRole binding objects.