Linux command
kubectl-auth 命令
文本
复制后可按需替换文件名、目录或参数。
常用示例
Check if action is allowed
kubectl auth can-i [create] [pods]
Check as user
kubectl auth can-i [delete] [deployments] --as [user@example.com]
Check in namespace
kubectl auth can-i [get] [secrets] -n [namespace]
List all permissions
kubectl auth can-i --list
Check all namespaces
kubectl auth can-i [get] [pods] --all-namespaces
Reconcile RBAC
kubectl auth reconcile -f [rbac.yaml]
说明
kubectl auth checks authorization permissions. It verifies what actions are allowed for users and service accounts. The command tests RBAC policies. It's useful for debugging access issues and auditing permissions.
参数
- can-i _VERB_ _RESOURCE_
- Check authorization.
- reconcile
- Reconcile RBAC rules.
- --as _USER_
- Impersonate user.
- --as-group _GROUP_
- Impersonate group.
- --list
- List all permissions.
- -n _NAMESPACE_
- Target namespace.
- --help
- Display help information.
FAQ
What is the kubectl-auth command used for?
kubectl auth checks authorization permissions. It verifies what actions are allowed for users and service accounts. The command tests RBAC policies. It's useful for debugging access issues and auditing permissions.
How do I run a basic kubectl-auth example?
Run `kubectl auth can-i [create] [pods]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does can-i _VERB_ _RESOURCE_ do in kubectl-auth?
Check authorization.