Kubectl auth

From NovaOrdis Knowledge Base
Revision as of 06:14, 3 September 2020 by Ovidiu (talk | contribs)
Jump to navigation Jump to search

Internal

Overview

kubectl auth inspects authorization.

It can check whether an action is allowed with: 

kubectl auth can-i <verb> [<type>|<type>/<name>|<non-resource-url>

The verb is a logical Kubernetes API verb: "get", "list", "watch", "delete", etc. Type is a kubernetes resource. The name is the name of a particular resource.

It could also reconcile rules for RBAC Role, RoleBinding, ClusterRole, and ClusterRole binding objects.

Usage Examples

Retrieved from "https://kb.novaordis.com/index.php?title=Kubectl_auth&oldid=68468"