Skip to content

ClusterRoleBinding

Gregory Nickonov edited this page Apr 2, 2019 · 1 revision

Quick start

R.cluster_role_binding :watcher do
  cluster_role :watcher
  add_service_account :default, :default
end

Bind ClusterRole watcher to ServiceAccount default from namespace default.

ClusterRoleBinding

Kubernetes Documentation

Sunstone property Kubernetes property Type
metadata metadata Kubernetes Object Metadata
role_ref roleRef RoleRef
subjects subjects Array of Subject

cluster_role

Specifies the name of the cluster role to be used in binding:

cluster_role :watcher

add_user

Adds the user with the specified name to the array of binding's subjects:

add_user :john

add_group

Adds the group with the specified name to the array of binding's subjects:

add_group :runners

add_service_account

Adds the service account with the specified name from the specified namespace to the array of binding's subjects:

add_service_account :default, :default

RoleRef

Kubernetes Documentation

Sunstone property Kubernetes property Type
api_group apiGroup String
kind kind String
name name String

Subject

Kubernetes Documentation

Sunstone property Kubernetes property Type
api_group apiGroup String
kind kind String
name name String
namespace namespace String
Clone this wiki locally