RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
import "k8s.io/api/rbac/v1"
RoleBinding
RoleBinding 引用了一个角色,但未包含它。它可以引用同一命名空间中的 Role 或全局命名空间中的 ClusterRole。它通过 Subjects 添加 who 信息,并通过它所在的命名空间添加命名空间信息。给定命名空间中的 RoleBinding 仅在该命名空间中有效。
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata (ObjectMeta)
标准对象的元数据。
roleRef (RoleRef), required
RoleRef 可以引用当前命名空间中的 Role 或全局命名空间中的 ClusterRole。如果无法解析 RoleRef,则授权器必须返回错误。此字段是不可变的。
roleRef.apiGroup (string), required
APIGroup 是所引用资源的组
roleRef.kind (string), required
Kind 是所引用资源的类型
roleRef.name (string), required
Name 是所引用资源的名称
subjects ([]Subject)
Subjects 持有对角色适用的对象的引用。
Subject 包含对角色绑定适用的对象或用户身份的引用。这可以包含直接的 API 对象引用,也可以包含用户和组名称等非对象的值。
subjects.kind (string), required
所引用对象的 Kind。此 API 组定义的值为“User”、“Group”和“ServiceAccount”。如果授权器不识别 kind 值,则授权器应报告错误。
subjects.name (string), required
所引用对象的名称。
subjects.apiGroup (string)
APIGroup 持有所引用主题的 API 组。对于 ServiceAccount 主题,默认为“”。对于 User 和 Group 主题,默认为“rbac.authorization.k8s.io”。
subjects.namespace (string)
所引用对象的命名空间。如果对象 kind 是非命名空间,例如“User”或“Group”,并且此值不为空,则授权器应报告错误。
RoleBindingList
RoleBindingList 是 RoleBinding 的集合
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBindingList
metadata (ListMeta)
标准对象的元数据。
items ([]RoleBinding), required
Items 是 RoleBinding 的列表
操作
get 读取指定的 RoleBinding
HTTP 请求
GET /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings/{name}
参数
name (in path): string, required
RoleBinding 的名称
namespace (in path): string, required
pretty (in query): string
响应
200 (RoleBinding): OK
401: Unauthorized
list 列出或观察 RoleBinding 类型的对象
HTTP 请求
GET /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings
参数
namespace (in path): string, required
allowWatchBookmarks (in query): boolean
continue (in query): string
fieldSelector (in query): string
labelSelector (in query): string
limit (in query): integer
pretty (in query): string
resourceVersion (in query): string
resourceVersionMatch (in query): string
sendInitialEvents (in query): boolean
timeoutSeconds (in query): integer
watch (in query): boolean
响应
200 (RoleBindingList): OK
401: Unauthorized
list 列出或观察 RoleBinding 类型的对象
HTTP 请求
GET /apis/rbac.authorization.k8s.io/v1/rolebindings
参数
allowWatchBookmarks (in query): boolean
continue (in query): string
fieldSelector (in query): string
labelSelector (in query): string
limit (in query): integer
pretty (in query): string
resourceVersion (in query): string
resourceVersionMatch (in query): string
sendInitialEvents (in query): boolean
timeoutSeconds (in query): integer
watch (in query): boolean
响应
200 (RoleBindingList): OK
401: Unauthorized
create 创建 RoleBinding
HTTP 请求
POST /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings
参数
namespace (in path): string, required
body: RoleBinding, required
dryRun (in query): string
fieldManager (in query): string
fieldValidation (in query): string
pretty (in query): string
响应
200 (RoleBinding): OK
201 (RoleBinding): Created
202 (RoleBinding): Accepted
401: Unauthorized
update 替换指定的 RoleBinding
HTTP 请求
PUT /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings/{name}
参数
name (in path): string, required
RoleBinding 的名称
namespace (in path): string, required
body: RoleBinding, required
dryRun (in query): string
fieldManager (in query): string
fieldValidation (in query): string
pretty (in query): string
响应
200 (RoleBinding): OK
201 (RoleBinding): Created
401: Unauthorized
patch 部分更新指定的 RoleBinding
HTTP 请求
PATCH /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings/{name}
参数
name (in path): string, required
RoleBinding 的名称
namespace (in path): string, required
body: Patch, required
dryRun (in query): string
fieldManager (in query): string
fieldValidation (in query): string
force (in query): boolean
pretty (in query): string
响应
200 (RoleBinding): OK
201 (RoleBinding): Created
401: Unauthorized
delete 删除 RoleBinding
HTTP 请求
DELETE /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings/{name}
参数
name (in path): string, required
RoleBinding 的名称
namespace (in path): string, required
body: DeleteOptions
dryRun (in query): string
gracePeriodSeconds (in query): integer
pretty (in query): string
propagationPolicy (in query): string
响应
200 (Status): OK
202 (Status): Accepted
401: Unauthorized
deletecollection 删除 RoleBinding 的集合
HTTP 请求
DELETE /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings
参数
namespace (in path): string, required
body: DeleteOptions
continue (in query): string
dryRun (in query): string
fieldSelector (in query): string
gracePeriodSeconds (in query): integer
labelSelector (in query): string
limit (in query): integer
pretty (in query): string
propagationPolicy (in query): string
resourceVersion (in query): string
resourceVersionMatch (in query): string
sendInitialEvents (in query): boolean
timeoutSeconds (in query): integer
响应
200 (Status): OK
401: Unauthorized
此页面是自动生成的。
如果您打算报告此页面的问题,请在您的问题描述中提及该页面是自动生成的。修复可能需要在 Kubernetes 项目的其他地方进行。