在哪里可以获得 Kubernetes API 资源和子资源的列表? [英] Where can I get a list of Kubernetes API resources and subresources?
问题描述
我正在尝试以最宽松的方式配置 Kubernetes RBAC,并且我想将我的角色范围限定为特定资源和子资源.我已经翻阅了文档,但找不到资源及其子资源的简明列表.
I am trying to configure Kubernetes RBAC in the least-permissive way possible and I want to scope my roles to specific resources and subresouces. I've dug through the docs and can't find a concise list of resources and their subresources.
我对管理部署规范一部分的子资源特别感兴趣——容器镜像.
I'm particularly interested in a the subresource that governs a part of a Deployment's spec--the container image.
推荐答案
Using kubectl api-resources -o wide
显示所有资源、动词strong> 和相关的 API 组.
Using kubectl api-resources -o wide
shows all the ressources, verbs and associated API-group.
$ kubectl api-resources -o wide
NAME SHORTNAMES APIGROUP NAMESPACED KIND VERBS
bindings true Binding [create]
componentstatuses cs false ComponentStatus [get list]
configmaps cm true ConfigMap [create delete deletecollection get list patch update watch]
endpoints ep true Endpoints [create delete deletecollection get list patch update watch]
events ev true Event [create delete deletecollection get list patch update watch]
limitranges limits true LimitRange [create delete deletecollection get list patch update watch]
namespaces ns false Namespace [create delete get list patch update watch]
nodes no false Node [create delete deletecollection get list patch update watch]
persistentvolumeclaims pvc true PersistentVolumeClaim [create delete deletecollection get list patch update watch]
persistentvolumes pv false PersistentVolume [create delete deletecollection get list patch update watch]
pods po true Pod [create delete deletecollection get list patch update watch]
statefulsets sts apps true StatefulSet [create delete deletecollection get list patch update watch]
meshpolicies authentication.istio.io false MeshPolicy [delete deletecollection get list patch create update watch]
policies authentication.istio.io true Policy [delete deletecollection get list patch create update watch]
...
...
我想您可以使用它来创建 RBAC 配置中所需的资源列表
I guess you can use this to create the list of ressources needed in your RBAC config
这篇关于在哪里可以获得 Kubernetes API 资源和子资源的列表?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!