apiVersion: rbac.authorization.k8s.io/v1
import "k8s.io/api/rbac/v1"
RoleBinding references a role, but does not contain it. It can reference a Role in the same namespace or a ClusterRole in the global namespace. It adds who information via Subjects and namespace information by which namespace it exists in. RoleBindings in a given namespace only have effect in that namespace.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata (ObjectMeta)
Standard object's metadata.
roleRef (RoleRef), required
RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error.
RoleRef contains information that points to the role being used
roleRef.apiGroup (string), required
APIGroup is the group for the resource being referenced
roleRef.kind (string), required
Kind is the type of resource being referenced
roleRef.name (string), required
Name is the name of resource being referenced
subjects ([]Subject)
Subjects holds references to the objects the role applies to.
Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference, or a value for non-objects such as user and group names.
subjects.kind (string), required
Kind of object being referenced. Values defined by this API group are "User", "Group", and "ServiceAccount". If the Authorizer does not recognized the kind value, the Authorizer should report an error.
subjects.name (string), required
Name of the object being referenced.
subjects.apiGroup (string)
APIGroup holds the API group of the referenced subject. Defaults to "" for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io" for User and Group subjects.
subjects.namespace (string)
Namespace of the referenced object. If the object kind is non-namespace, such as "User" or "Group", and this value is not empty the Authorizer should report an error.
RoleBindingList is a collection of RoleBindings
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBindingList
metadata (ListMeta)
Standard object's metadata.
items ([]RoleBinding), required
Items is a list of RoleBindings
get read the specified RoleBindingGET /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings/{name}
name (in path): string, required
name of the RoleBinding
namespace (in path): string, required
pretty (in query): string
200 (RoleBinding): OK
401: Unauthorized
list list or watch objects of kind RoleBindingGET /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings
namespace (in path): string, required
allowWatchBookmarks (in query): boolean
continue (in query): string
fieldSelector (in query): string
labelSelector (in query): string
limit (in query): integer
pretty (in query): string
resourceVersion (in query): string
resourceVersionMatch (in query): string
timeoutSeconds (in query): integer
watch (in query): boolean
200 (RoleBindingList): OK
401: Unauthorized
list list or watch objects of kind RoleBindingGET /apis/rbac.authorization.k8s.io/v1/rolebindings
allowWatchBookmarks (in query): boolean
continue (in query): string
fieldSelector (in query): string
labelSelector (in query): string
limit (in query): integer
pretty (in query): string
resourceVersion (in query): string
resourceVersionMatch (in query): string
timeoutSeconds (in query): integer
watch (in query): boolean
200 (RoleBindingList): OK
401: Unauthorized
create create a RoleBindingPOST /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings
namespace (in path): string, required
body: RoleBinding, required
dryRun (in query): string
fieldManager (in query): string
fieldValidation (in query): string
pretty (in query): string
200 (RoleBinding): OK
201 (RoleBinding): Created
202 (RoleBinding): Accepted
401: Unauthorized
update replace the specified RoleBindingPUT /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings/{name}
name (in path): string, required
name of the RoleBinding
namespace (in path): string, required
body: RoleBinding, required
dryRun (in query): string
fieldManager (in query): string
fieldValidation (in query): string
pretty (in query): string
200 (RoleBinding): OK
201 (RoleBinding): Created
401: Unauthorized
patch partially update the specified RoleBindingPATCH /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings/{name}
name (in path): string, required
name of the RoleBinding
namespace (in path): string, required
body: Patch, required
dryRun (in query): string
fieldManager (in query): string
fieldValidation (in query): string
force (in query): boolean
pretty (in query): string
200 (RoleBinding): OK
201 (RoleBinding): Created
401: Unauthorized
delete delete a RoleBindingDELETE /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings/{name}
name (in path): string, required
name of the RoleBinding
namespace (in path): string, required
body: DeleteOptions
dryRun (in query): string
gracePeriodSeconds (in query): integer
pretty (in query): string
propagationPolicy (in query): string
200 (Status): OK
202 (Status): Accepted
401: Unauthorized
deletecollection delete collection of RoleBindingDELETE /apis/rbac.authorization.k8s.io/v1/namespaces/{namespace}/rolebindings
namespace (in path): string, required
body: DeleteOptions
continue (in query): string
dryRun (in query): string
fieldSelector (in query): string
gracePeriodSeconds (in query): integer
labelSelector (in query): string
limit (in query): integer
pretty (in query): string
propagationPolicy (in query): string
resourceVersion (in query): string
resourceVersionMatch (in query): string
timeoutSeconds (in query): integer
200 (Status): OK
401: Unauthorized
© 2022 The Kubernetes Authors
Documentation Distributed under CC BY 4.0.
https://kubernetes.io/docs/reference/kubernetes-api/authorization-resources/role-binding-v1/