K8s rbac namespace权限设置

在K8S master节点上创建Role和RoleBinding的yaml文件

#vi role-username.yaml

kind: Role

apiVersion: rbac.authorization.k8s.io/v1

metadata:

  namespace: default

  name: pod-reader

rules:

- apiGroups: [""]

  resources: ["pods"]

  verbs: ["get", "watch", "list","delete"]

- apiGroups: ["extensions"]

  resources: ["deployments"]

  verbs: ["get", "watch", "list","patch"]

---

kind: RoleBinding

apiVersion: rbac.authorization.k8s.io/v1

你可能感兴趣的:(k8s)