我的书签
添加书签
移除书签RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
import "k8s.io/api/rbac/v1"
RoleBinding references a role, but does not contain it. It can reference a Role in the same namespace or a ClusterRole in the global namespace. It adds who information via Subjects and namespace information by which namespace it exists in. RoleBindings in a given namespace only have effect in that namespace.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
roleRef (RoleRef), required
RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error.
RoleRef contains information that points to the role being used
roleRef.apiGroup (string), required
APIGroup is the group for the resource being referenced
roleRef.kind (string), required
Kind is the type of resource being referenced
roleRef.name (string), required
Name is the name of resource being referenced
subjects ([]Subject)
Subjects holds references to the objects the role applies to.
Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference, or a value for non-objects such as user and group names.
subjects.kind (string), required
Kind of object being referenced. Values defined by this API group are “User”, “Group”, and “ServiceAccount”. If the Authorizer does not recognized the kind value, the Authorizer should report an error.
subjects.name (string), required
Name of the object being referenced.
subjects.apiGroup (string)
APIGroup holds the API group of the referenced subject. Defaults to “” for ServiceAccount subjects. Defaults to “rbac.authorization.k8s.io” for User and Group subjects.
subjects.namespace (string)
Namespace of the referenced object. If the object kind is non-namespace, such as “User” or “Group”, and this value is not empty the Authorizer should report an error.
RoleBindingList is a collection of RoleBindings
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBindingList
metadata (ListMeta)
Standard object’s metadata.
items ([]), required
Items is a list of RoleBindings
HTTP Request
GET /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings/{name}
Parameters
name (in path): string, required
name of the RoleBinding
namespace (in path): string, required
pretty (in query): string
Response
200 (): OK
401: Unauthorized
list list or watch objects of kind RoleBinding
HTTP Request
GET /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings
Parameters
namespace (in path): string, required
allowWatchBookmarks (in query): boolean
continue (in query): string
fieldSelector (in query): string
labelSelector (in query): string
limit (in query): integer
pretty (in query): string
resourceVersion (in query): string
timeoutSeconds (in query): integer
watch (in query): boolean
Response
200 (): OK
401: Unauthorized
HTTP Request
GET /apis/rbac.authorization.k8s.io/v1/rolebindings
Parameters
allowWatchBookmarks (in query): boolean
continue (in query): string
fieldSelector (in query): string
labelSelector (in query): string
limit (in query): integer
pretty (in query): string
resourceVersion (in query): string
resourceVersionMatch (in query): string
timeoutSeconds (in query): integer
watch (in query): boolean
Response
200 (): OK
401: Unauthorized
create create a RoleBinding
HTTP Request
POST /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings
Parameters
body: , required
dryRun (in query): string
fieldManager (in query): string
pretty (in query): string
Response
200 (RoleBinding): OK
201 (): Created
202 (RoleBinding): Accepted
401: Unauthorized
HTTP Request
PUT /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings/{name}
Parameters
name (in path): string, required
name of the RoleBinding
namespace (in path): string, required
body: RoleBinding, required
dryRun (in query): string
fieldManager (in query): string
pretty (in query): string
Response
200 (): OK
201 (RoleBinding): Created
401: Unauthorized
patch partially update the specified RoleBinding
HTTP Request
PATCH /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings/{name}
Parameters
-
name of the RoleBinding
namespace (in path): string, required
body: , required
dryRun (in query): string
fieldManager (in query): string
force (in query): boolean
pretty (in query): string
Response
200 (): OK
201 (RoleBinding): Created
401: Unauthorized
HTTP Request
DELETE /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings/{name}
Parameters
name (in path): string, required
name of the RoleBinding
namespace (in path): string, required
body: DeleteOptions
dryRun (in query): string
gracePeriodSeconds (in query): integer
pretty (in query): string
propagationPolicy (in query): string
Response
200 (Status): OK
202 (): Accepted
401: Unauthorized
deletecollection delete collection of RoleBinding
HTTP Request
DELETE /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings
Parameters
namespace (in path): string, required
body: DeleteOptions
continue (in query): string
dryRun (in query): string
fieldSelector (in query): string
gracePeriodSeconds (in query): integer
labelSelector (in query): string
limit (in query): integer
pretty (in query): string
propagationPolicy (in query): string
resourceVersion (in query): string
resourceVersionMatch (in query): string
timeoutSeconds (in query): integer
Response
200 (): OK
401: Unauthorized
