roles topic added

Sander van Vugt 2020-09-16 11:12:05 +02:00
parent b6183f70e2
commit ca8462aa12
4 changed files with 49 additions and 0 deletions

8
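--- a/clusterrol.yaml
+++ b/clusterrol.yaml
@@ -0,0 +1,8 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+name: secret-reader
+rules:
+- apiGroups: [""]
+resources: ["secrets"]
+verbs: ["get", "watch", "list"]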
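Review bot: The `verbs` line grants `list` and `watch` on `secrets`, and both return full Secret objects including their data, so this role can read every secret in whatever scope it is bound to. As a ClusterRole it covers all namespaces if attached with a ClusterRoleBinding; no binding for it is visible in this commit. If the exercise only needs one secret, prefer `verbs: ["get"]` together with `resourceNames: ["<secret-name>"]` (placeholder), and attach the role with a namespaced RoleBinding. I would also add a comment above `rules:` such as `# grants read access to Secret data; bind per namespace with a RoleBinding, not cluster-wide`.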

19
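--- a/config.anna
+++ b/config.anna
@@ -0,0 +1,19 @@
+apiVersion: v1
+clusters:
+- cluster:
+certificate-authority-data: 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
+server: https://192.168.4.90:6443
+name: kubernetes
+contexts:
+- context:
+cluster: kubernetes
+user: anna
+name: anna-context
+current-context: anna-context
+kind: Config
+preferences: {}
+users:
+- name: anna
+user:
+client-certificate: /home/anna/.certs/anna.crt
+client-key: /home/anna/.certs/anna.key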
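Review bot: The `users[].name: anna` entry is only a local label inside the kubeconfig; with `client-certificate` authentication the API server takes the username from the certificate's CN and the groups from its O fields. The certificate at `/home/anna/.certs/anna.crt` therefore has to be issued with CN `anna` for the `read-pods` binding in rolebinding.yaml to apply, and it must not carry a privileged group such as `system:masters`, which RBAC rules do not constrain. A comment above `users:` would make this explicit, e.g. `# identity comes from the client cert subject (CN=user, O=groups), not from this name`. Referencing the key by path rather than embedding `client-key-data` keeps key material out of the repository; the key file itself should be readable only by its owner.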

9
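--- a/podacessrole.yaml
+++ b/podacessrole.yaml
@@ -0,0 +1,9 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+namespace: default
+name: pod-reader
+rules:
+- apiGroups: [""] # "" indicates the core API grouop
+resources: ["pods"]
+verbs: ["get", "watch", "list"]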
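Review bot: The inline comment on the `apiGroups` line has a typo and should read `# "" indicates the core API group`. A comment above `rules:` should also note that read access to pods exposes the full pod spec, including any literal `env` values set there, e.g. `# pod specs are readable by this role: keep credentials in Secrets, not inline env values`. The file name `podacessrole.yaml` looks like a misspelling of `podaccessrole.yaml`.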

13
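--- a/rolebinding.yaml
+++ b/rolebinding.yaml
@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+name: read-pods
+namespace: default
+subjects:
+- kind: User
+name: anna
+apiGroup: rbac.authorization.k8s.io
+roleRef:
+kind: Role
+name: pod-reader
+apiGroup: rbac.authorization.k8s.io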
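Review bot: The subject `name: anna` is matched as a case-sensitive string against the authenticated username, and RBAC does not check that such a user exists, so a mismatch fails silently and grants nothing. I would document a verification step in a comment at the top of the file, e.g. `# verify: kubectl auth can-i list pods --as anna -n default`. The matching negative check, `kubectl auth can-i get secrets --as anna -n default`, should answer no given the bindings visible in this commit.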