如何授予访问权限以在 kubernetes 仪表板中指定命名空间?
[英]How to grant access to specify namespace in kubernetes dashboard?
问题描述
I have multiple namespace in my k8s cluster and user too.
我的 k8s 集群和用户中也有多个命名空间。 I deployed K8S dashboard, and now I want to grant access to namespace to specify user.我部署了 K8S 仪表板,现在我想授予对命名空间的访问权限以指定用户。 EX: user A only access namespace A on dashboard user B is only access namespace B on dashboard. EX:用户 A 只能访问仪表板上的命名空间 A 用户 B 只能访问仪表板上的命名空间 B。
Could anyone give some snippet config?谁能给一些片段配置?
Thanks all.谢谢大家。
1 个解决方案
解决方案1
2 2020-02-28 06:33:30
Create a role and role binding as below and add the user to the specific group创建如下角色和角色绑定并将用户添加到特定组
(This is just an example config and you may not want to give your user full access to namespace) (这只是一个示例配置,您可能不想让您的用户完全访问命名空间)
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1beta1
metadata:
name: example-ns-full-access
namespace: example-ns
rules:
- apiGroups: [""]
resources: ["*"]
verbs: ["*"]
- apiGroups: ["extensions"]
resources: ["*"]
verbs: ["*"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: example-rolebinding
namespace: example-ns
subjects:
- kind: Group
name: example-admins
apiGroup: rbac.authorization.k8s.io
roleRef:
kind: Role
name: example-ns-full-access
apiGroup: rbac.authorization.k8s.io
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.