dotbalo
/
kubernetes-guide
mirror of https://github.com/dotbalo/kubernetes-guide.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
kubernetes-guide/docs/chap11/11.1.md

53 lines
636 B
Markdown
Raw Permalink Normal View History

repush
2023-03-13 14:23:59 +08:00
**pod-exec-cr.yaml**
```
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: pod-exec
rules:
- apiGroups:
- ""
resources:
- pods
- pods/log
verbs:
- get
- list
- apiGroups:
- ""
resources:
- pods/exec #之前提到的子资源
verbs:
- create
```
**ns-readonly.yaml**
```
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: namespace-readonly
rules:
- apiGroups:
- ""
resources:
- namespaces
verbs:
- get
- list
- watch
- apiGroups:
- metrics.k8s.io
resources:
- pods
verbs:
- get
- list
- watch
```