在哪里可以获得Kubernetes API资源和子资源的列表? [英] Where can I get a list of Kubernetes API resources and subresources?

查看:475
本文介绍了在哪里可以获得Kubernetes API资源和子资源的列表?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试以尽可能不被允许的方式配置Kubernetes RBAC,我想将角色的范围限定在特定的资源和子资源上.我已经浏览了文档,找不到资源及其子资源的简明列表.

I am trying to configure Kubernetes RBAC in the least-permissive way possible and I want to scope my roles to specific resources and subresouces. I've dug through the docs and can't find a concise list of resources and their subresources.

我对支配Deployment规范的一部分的子资源(容器映像)特别感兴趣.

I'm particularly interested in a the subresource that governs a part of a Deployment's spec--the container image.

推荐答案

使用kubectl api-resources -o wide显示所有资源动词和关联的 API组.

Using kubectl api-resources -o wide shows all the ressources, verbs and associated API-group.

$ kubectl api-resources -o wide
NAME                              SHORTNAMES     APIGROUP                       NAMESPACED   KIND                             VERBS
bindings                                                                        true         Binding                          [create]
componentstatuses                 cs                                            false        ComponentStatus                  [get list]
configmaps                        cm                                            true         ConfigMap                        [create delete deletecollection get list patch update watch]
endpoints                         ep                                            true         Endpoints                        [create delete deletecollection get list patch update watch]
events                            ev                                            true         Event                            [create delete deletecollection get list patch update watch]
limitranges                       limits                                        true         LimitRange                       [create delete deletecollection get list patch update watch]
namespaces                        ns                                            false        Namespace                        [create delete get list patch update watch]
nodes                             no                                            false        Node                             [create delete deletecollection get list patch update watch]
persistentvolumeclaims            pvc                                           true         PersistentVolumeClaim            [create delete deletecollection get list patch update watch]
persistentvolumes                 pv                                            false        PersistentVolume                 [create delete deletecollection get list patch update watch]
pods                              po                                            true         Pod                              [create delete deletecollection get list patch update watch]
statefulsets                      sts            apps                           true         StatefulSet                      [create delete deletecollection get list patch update watch]
meshpolicies                                     authentication.istio.io        false        MeshPolicy                       [delete deletecollection get list patch create update watch]
policies                                         authentication.istio.io        true         Policy                           [delete deletecollection get list patch create update watch]
...
...

我想您可以使用它来创建RBAC配置中所需的资源列表

I guess you can use this to create the list of ressources needed in your RBAC config

这篇关于在哪里可以获得Kubernetes API资源和子资源的列表?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆