kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update rbac.md 

The language "For all service accounts in the "qa" namespace" in the example is confusing namespaces and groups. Language fixed to disambiguate between group and namespace. An additional example provided which uses both the group ("dev") AND the namespace ("development") to further illustrate this point
This commit is contained in:
Rajesh Jain 2020-12-26 13:41:02 -08:00 committed by GitHub
parent 8279881e39
commit 7a175d551a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
content/en/docs/reference/access-authn-authz/rbac.md
View File

@ -514,7 +514,7 @@ subjects:
namespace: kube-system
```
For all service accounts in the "qa" namespace:
For all service accounts in the "qa" group in any namespace:
```yaml
subjects:
@ -522,6 +522,15 @@ subjects:
name: system:serviceaccounts:qa
apiGroup: rbac.authorization.k8s.io
```
For all service accounts in the "dev" group in the "development" namespace:
```yaml
subjects:
- kind: Group
name: system:serviceaccounts:dev
apiGroup: rbac.authorization.k8s.io
namespace: development
```
For all service accounts in any namespace: