Kubernetes Role Based Access Control Concepts: Difference between revisions
Revision as of 18:49, 22 June 2020
Internal
Overview
In Kubernetes, granting a role to an application-specific service account is a best practice: it ensures that the application operates within a specified scope.
TODO:
- https://kubernetes.io/docs/reference/access-authn-authz/rbac/#service-account-permissions
- https://docs.bitnami.com/kubernetes/how-to/configure-rbac-in-your-kubernetes-cluster/
Cluster Role
Cluster Role Binding
# Bootstrap default (see the rbac-defaults label): binds the cluster-admin
# ClusterRole to every member of the system:masters group, cluster-wide.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  annotations:
    rbac.authorization.kubernetes.io/autoupdate: "true"
  labels:
    kubernetes.io/bootstrapping: rbac-defaults
  name: cluster-admin
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- apiGroup: rbac.authorization.k8s.io
  kind: Group
  name: system:masters
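
In contrast to the cluster-wide cluster-admin binding above, the practice described in the Overview scopes an application to one namespace and one task. The manifest below is an added example, not part of the original page; the namespace, account, ConfigMap and image names are hypothetical, and it assumes the namespace already exists.

```yaml
# Added example: every name here (shop, orders-api, orders-api-config,
# orders-api-config-reader, the image) is hypothetical. Namespace "shop" must exist.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: orders-api
  namespace: shop
---
apiVersion: rbac.authorization.k8s.io/v1
kind: Role                     # namespaced, unlike ClusterRole
metadata:
  name: orders-api-config-reader
  namespace: shop
rules:
- apiGroups: [""]              # "" is the core API group
  resources: ["configmaps"]
  resourceNames: ["orders-api-config"]   # this one object only
  verbs: ["get"]               # read-only; no list, watch or write verbs
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: orders-api-config-reader
  namespace: shop
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: orders-api-config-reader
subjects:
- kind: ServiceAccount         # apiGroup is omitted for ServiceAccount subjects
  name: orders-api
  namespace: shop
---
apiVersion: v1
kind: Pod
metadata:
  name: orders-api
  namespace: shop
spec:
  serviceAccountName: orders-api   # run as the scoped account, not "default"
  containers:
  - name: app
    image: registry.example.com/orders-api:1.0   # placeholder image
# Anti-pattern to avoid: a ClusterRoleBinding whose roleRef is cluster-admin and
# whose subject is this ServiceAccount gives the pod full control of the cluster.
```

After applying it, `kubectl auth can-i get configmap/orders-api-config -n shop --as=system:serviceaccount:shop:orders-api` should answer yes, while the same check for `delete`, or for any other resource, should answer no.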