ClusterRoleBinding

apiVersion: rbac.authorization.k8s.io/v1

import "k8s.io/api/rbac/v1"

ClusterRoleBinding

ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a ClusterRole in the global namespace, and adds who information via Subject.

• apiVersion: rbac.authorization.k8s.io/v1

• kind: ClusterRoleBinding

• metadata (

  Standard object's metadata.

• roleRef (RoleRef), required

  RoleRef can only reference a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error.

  RoleRef contains information that points to the role being used

  • roleRef.apiGroup (string), required

    APIGroup is the group for the resource being referenced

  • roleRef.kind (string), required

    Kind is the type of resource being referenced

  • roleRef.name (string), required

    Name is the name of resource being referenced

• subjects ([]Subject)

  Subjects holds references to the objects the role applies to.

  Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference, or a value for non-objects such as user and group names.

  • subjects.kind (string), required

    Kind of object being referenced. Values defined by this API group are "User", "Group", and "ServiceAccount". If the Authorizer does not recognized the kind value, the Authorizer should report an error.

  • subjects.name (string), required

    Name of the object being referenced.

  • subjects.apiGroup (string)

    APIGroup holds the API group of the referenced subject. Defaults to "" for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io" for User and Group subjects.

  • subjects.namespace (string)

    Namespace of the referenced object. If the object kind is non-namespace, such as "User" or "Group", and this value is not empty the Authorizer should report an error.

ClusterRoleBindingList

ClusterRoleBindingList is a collection of ClusterRoleBindings

• apiVersion: rbac.authorization.k8s.io/v1

• kind: ClusterRoleBindingList

• metadata (

  Standard object's metadata.

• items ([]

  Items is a list of ClusterRoleBindings

• name (in path): string, required

  name of the ClusterRoleBinding

• pretty (in query): string

200 (

401: Unauthorized

• allowWatchBookmarks (in query): boolean

• continue (in query): string

• fieldSelector (in query): string

• labelSelector (in query): string

• limit (in query): integer

• pretty (in query): string

• resourceVersion (in query): string

• resourceVersionMatch (in query): string

• timeoutSeconds (in query): integer

• watch (in query): boolean

200 (

401: Unauthorized

• body:

• dryRun (in query): string

• fieldManager (in query): string

• fieldValidation (in query): string

• pretty (in query): string

200 (

201 (

202 (

401: Unauthorized

• name (in path): string, required

  name of the ClusterRoleBinding

• body:

• dryRun (in query): string

• fieldManager (in query): string

• fieldValidation (in query): string

• pretty (in query): string

200 (

201 (

401: Unauthorized

• name (in path): string, required

  name of the ClusterRoleBinding

• body:

• dryRun (in query): string

• fieldManager (in query): string

• fieldValidation (in query): string

• force (in query): boolean

• pretty (in query): string

200 (

201 (

401: Unauthorized

• name (in path): string, required

  name of the ClusterRoleBinding

• body:

• dryRun (in query): string

• gracePeriodSeconds (in query): integer

• pretty (in query): string

• propagationPolicy (in query): string

200 (

202 (

401: Unauthorized

• body:

• continue (in query): string

• dryRun (in query): string

• fieldSelector (in query): string

• gracePeriodSeconds (in query): integer

• labelSelector (in query): string

• limit (in query): integer

• pretty (in query): string

• propagationPolicy (in query): string

• resourceVersion (in query): string

• resourceVersionMatch (in query): string

• timeoutSeconds (in query): integer

200 (

401: Unauthorized