54 строки
1.2 KiB
YAML
54 строки
1.2 KiB
YAML
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: aksrbac-cluster-admin
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
name: cluster-admin
|
|
subjects:
|
|
- apiGroup: rbac.authorization.k8s.io
|
|
kind: Group
|
|
name: "60750c04-d60a-4c9d-96f8-39f2bc8f774f"
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: aksrbac-cluster-reader
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
name: view
|
|
subjects:
|
|
- apiGroup: rbac.authorization.k8s.io
|
|
kind: Group
|
|
name: "d70935a4-42bb-4564-b95f-0f168de2f428"
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
name: containerHealth-log-reader
|
|
rules:
|
|
- apiGroups: ["", "metrics.k8s.io", "extensions", "apps"]
|
|
resources:
|
|
- "pods/log"
|
|
- "events"
|
|
- "nodes"
|
|
- "pods"
|
|
- "deployments"
|
|
- "replicasets"
|
|
verbs: ["get", "list"]
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: containerHealth-read-logs-global
|
|
roleRef:
|
|
kind: ClusterRole
|
|
name: containerHealth-log-reader
|
|
apiGroup: rbac.authorization.k8s.io
|
|
subjects:
|
|
- kind: User
|
|
name: clusterUser
|
|
apiGroup: rbac.authorization.k8s.io
|