Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

how to retrieve current user granted RBAC with kubectl

One can create Role or ClusterRole and assign it to user via RoleBinding or ClusterRoleBinding.

from user view that have a token, how to get all granted permissions or roles\rolebindings applied to him via kubectl?

like image 408
wtayyeb Avatar asked Jul 12 '19 09:07

wtayyeb


1 Answers

  # Check to see if I can do everything in my current namespace ("*" means all)
  kubectl auth can-i '*' '*'

  # Check to see if I can create pods in any namespace
  kubectl auth can-i create pods --all-namespaces

  # Check to see if I can list deployments in my current namespace
  kubectl auth can-i list deployments.extensions

you can get further information with kubectl auth --help command

You can also impersonate as a different user to check their permission with the following flag --as or --as-group

kubectl auth can-i create deployments --namespace default --as john.cena
like image 108
Suresh Vishnoi Avatar answered Sep 29 '22 21:09

Suresh Vishnoi