Kubernetes Security Operations: Difference between revisions
Jump to navigation
Jump to search
Line 8: | Line 8: | ||
=Authorization Check= | =Authorization Check= | ||
==PodSecurityPolicy== | |||
<syntaxhighlight lang='bash'> | <syntaxhighlight lang='bash'> | ||
kubectl --as=system:serviceaccount:<namespace>:<serviceaccount-name> -n <namespace> auth can-i use < | kubectl --as=system:serviceaccount:<namespace>:<serviceaccount-name> -n <namespace> auth can-i use <pod-security-policy-name> | ||
kubectl --as=system:serviceaccount:blue:blue-serviceaccount -n blue auth can-i use podsecuritypolicy/example | kubectl --as=system:serviceaccount:blue:blue-serviceaccount -n blue auth can-i use podsecuritypolicy/example | ||
</syntaxhighlight> | </syntaxhighlight> |
Revision as of 06:12, 3 September 2020
Internal
Service Account Operations
RBAC Operations
Authorization Check
PodSecurityPolicy
kubectl --as=system:serviceaccount:<namespace>:<serviceaccount-name> -n <namespace> auth can-i use <pod-security-policy-name>
kubectl --as=system:serviceaccount:blue:blue-serviceaccount -n blue auth can-i use podsecuritypolicy/example