K
Q

How to restrict the privilege of kubectl command

12/21/2021

I would like to grant one user only the "get" privilege of "kubectl" command. I suppose it should be done with RBAC, anyone can advise it, thanks.

-- James Pei
kubernetes

Similar Questions

How to set RBAC for a user to submit Argo workflow in a specific namespace?
Why is it so hard to use gcloud commands from my host computer instead of the gcloud interactive shell?
How to create/get etcd certificates with ssh from rancher created kubernetes cluster
kubeadm join failure, error execution phase kubelet-start: error uploading crisocket: timed out waiting for the condition
Kubernetes authorization, only succesful after running hello-server

1 Answer

12/21/2021

Create a allow-get.yaml file with the next content and change my-user by your user, and run kubectl apply -f allow-get.yaml

apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: allow-get
rules:
- apiGroups:
  - ""
  resources:
  - "*"
  verbs:
  - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: allow-get-bind
subjects:
  - kind: User
    name: my-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: allow-get
-- TlmaK0
Source: StackOverflow