kubernetes-guide/codeblock/rbac/readonly-all.yaml

kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: readonly
rules:
  - apiGroups: ["*"]
    resources: ["*"]
    verbs: ["get", "watch", "list"]

---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: readonly-to-roc
subjects:
  - kind: User
    name: roc
    apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: ClusterRole
  name: readonly
  apiGroup: rbac.authorization.k8s.io
update at 2024-04-10 12:01:49 2024-04-10 12:01:49 +08:00			`kind: ClusterRole`
			`apiVersion: rbac.authorization.k8s.io/v1`
			`metadata:`
			`name: readonly`
			`rules:`
			`- apiGroups: ["*"]`
			`resources: ["*"]`
			`verbs: ["get", "watch", "list"]`

			`---`
			`kind: ClusterRoleBinding`
			`apiVersion: rbac.authorization.k8s.io/v1`
			`metadata:`
			`name: readonly-to-roc`
			`subjects:`
			`- kind: User`
			`name: roc`
			`apiGroup: rbac.authorization.k8s.io`
			`roleRef:`
			`kind: ClusterRole`
			`name: readonly`
			`apiGroup: rbac.authorization.k8s.io`