kubectl Cluster Role, Cluster Role Binding

kubectl_create_clusterrole, kubectl_create_clusterrolebinding

Cluster roles are cluster-wide and are NOT part of any namespace. Use:

k api-resources

to get short names, etc.

Practical Example

A new user michelle joined the team. She will be focusing on the nodes in the cluster. Create the required ClusterRoles and ClusterRoleBindings so she gets access to the nodes.

Create a ClusterRole:

k create clusterrole node-access --verb=get,list,watch --resource=node

More verbs: create

Create a ClusterRoleBinding:

k create clusterrolebinding node-access --clusterrole=node-access --user=michelle

To verify:

k get nodes --as michelle