K8s RBAC authorization functionality

  1. What is rbac.authorization.k8s.io? Is that just the API version RBAC uses to work, etc.?

  2. When you run an RBAC command (for example, creating a role), is the request sent to the master server to process, or is that done locally on the node? How does that process work?

  3. What are API groups? When defining a role I notice it asks for this; what's it referring to? Ex: apiGroups: [""]


There is 1 answer

Ron Etch On
  1. The rbac.authorization.k8s.io is a type of authorization in Kubernetes that sets access such as "clusterRole" and "RoleBinding" for individual user access. This helps admins dynamically configure permissions in the K8s API. There are other authorization modes that you can see here in the official docs.

  2. It is typically sent to the control plane and evaluates users that shall access the cluster. This is easier to manage on a cloud provider since there are pre-existing APIs that are connected to authentication services of the provider.

  3. API groups are used for modification purposes in "verb" type. You can use the following request verbs to create your RBAC mode authorization rules.

```yaml
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  namespace: default
  name: pod-reader
rules:
- apiGroups: [""] # "" indicates the core API group
  resources: ["pods"]
  verbs: ["get", "watch", "list"]
```
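
Added example (not part of the answer above, and not Kubernetes source code): a simplified Python model of how a request's namespace, API group, resource and verb are matched against the `pod-reader` Role, showing why `apiGroups: [""]` covers `pods` but not `deployments` in the `apps` group. The function names and sample requests are constructed for illustration, and the model assumes the Role is already bound to the requesting user through a RoleBinding.

```python
# Simplified model of RBAC rule matching (constructed; not Kubernetes source).
# Ignores resourceNames, subresources and nonResourceURLs, and assumes the Role
# is already bound to the requesting user through a RoleBinding.

POD_READER = {  # the Role from the answer above, as a dict
    "apiVersion": "rbac.authorization.k8s.io/v1",
    "kind": "Role",
    "metadata": {"namespace": "default", "name": "pod-reader"},
    "rules": [{"apiGroups": [""], "resources": ["pods"],
               "verbs": ["get", "watch", "list"]}],
}

def split_api_version(api_version):
    """Split 'group/version'; a bare 'v1' belongs to the core group ''."""
    group, _, version = api_version.rpartition("/")
    return group, version

def _matches(allowed, value):
    # "*" in a rule field is a wildcard for that field
    return "*" in allowed or value in allowed

def role_allows(role, namespace, api_version, resource, verb):
    """True if any rule in the Role permits the request (rules are allow-only)."""
    if role["metadata"]["namespace"] != namespace:  # a Role is namespaced
        return False
    group, _ = split_api_version(api_version)
    return any(
        _matches(rule["apiGroups"], group)
        and _matches(rule["resources"], resource)
        and _matches(rule["verbs"], verb)
        for rule in role["rules"]
    )

# Constructed sample requests: (namespace, apiVersion, resource, verb)
SAMPLE_REQUESTS = [
    ("default", "v1", "pods", "list"),               # core group, listed verb
    ("default", "v1", "pods", "delete"),             # verb not granted
    ("default", "apps/v1", "deployments", "list"),   # group "apps" is not ""
    ("kube-system", "v1", "pods", "get"),            # outside the Role's namespace
    ("default", "rbac.authorization.k8s.io/v1", "roles", "create"),
]

def evaluate(role, requests):
    return [role_allows(role, *req) for req in requests]

if __name__ == "__main__":
    for req, ok in zip(SAMPLE_REQUESTS, evaluate(POD_READER, SAMPLE_REQUESTS)):
        print("allow" if ok else "deny ", req)
```

Only the first sample request is allowed; the last one shows that `rbac.authorization.k8s.io` is itself an API group whose `roles` resource needs its own rule before a user can create Roles.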