kubernetes
/
kops
mirror of https://github.com/kubernetes/kops.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add some more detail to additionalPolicies docs

This commit is contained in:
yissachar 2017-01-29 01:46:10 -05:00 committed by GitHub
parent 4e63359c41
commit 74e7e4ba41
1 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
docs/iam_roles.md
View File

@ -103,3 +103,25 @@ Now you can update to have the changes take effect:
```
kops update cluster ${CLUSTER_NAME} --yes
```
You can have an additional policy for each kops role (node, master, bastion). For instance, if you wanted to apply one set of additional permissions to the master instances, and another to the nodes, you could do the following:
```
additionalPolicies:
node: |
[
{
"Effect": "Allow",
"Action": ["es:*"],
"Resource": ["*"]
}
]
master: |
[
{
"Effect": "Allow",
"Action": ["dynamodb:*"],
"Resource": ["*"]
}
]
```